(57) Abstract

A cable television system provides conditional access to services. The cable television system
includes a headend from which service "instances", or programs, are broadcast and a plurality of
set top units for receiving the instances and selectively decrypting the instances for display to
system subscribers. The service instances are encrypted using public and/or private keys provided
by service providers or central authorization agents. Keys used by the set tops for selective
decryption may also be public or private in nature, and such keys may be reassigned at different
times to provide a cable television system in which piracy concerns are minimized.






WO 99/07150 PCT/US98/16145

ENCRYPTION DEVICES FOR USE IN A 
CONDITIONAL ACCESS SYSTEM 

Related Patent Applications

The present patent application is a continuation-in-part of the following U.S. applications,
all of which are assigned to the assignee of the present U.S. application:

U.S.S.N. 08/767,535, Robert O. Banker and Glendon L. Akins III, Preventing Replay
Attacks on Digital Information Distributed by Network Service Providers, filed 12/16/96;

U.S. Patent No. SJAlfill^ Pinder, et al., Information Terminal Having Reconfigurable
Memory, filed 4/3/95;

U.S.S.N. 08/580,759, Wasilewski, et al., Method and Apparatus for Providing
Conditional Access in Connection-Oriented Interactive Networks with a Multiplicity of
Service Providers, filed 12/29/95;

U.S.S.N. 09/111,958, Seaman, et al., Mechanism and Apparatus for Encapsulation of
Entitlement Authorization in Conditional Access System, filed 7/8/98;

The present patent application also claims priority based on U.S.S.N. 60/054,575,
Wasilewski et al., Conditional Access System, filed August 1, 1997. The present
application is further one of seven applications with identical Detailed Descriptions. All
of these applications have the same filing date and all have the same assignee. The titles
and inventors of the six applications follow:

(D-3318), Wasilewski, et al., Conditional Access System, filed July 31, 1998;

(D-3373), Akins, et al., Method and Apparatus for Geographically Limiting Service in a
Conditional Access System, filed July 31, 1998;

(D-S457), Wasilewski, et al., Authorization of Services in a Conditional Access System,
filed July 31, 1998;

(D-3472), Akins, et al., Representing Entitlements to Service in a Conditional Access
System, filed July 31, 1998;

(D-2999), Pinder, et al., Verification of the Source of Program Information in a
Conditional Access System, filed July 31, 1998;

(D-3614), Pinder, et al., Source Authentication of Download Information in a Conditional
Access System, filed July 31, 1998.



Field of the Invention

The invention concerns systems for protecting information and more particularly concerns
systems for protecting information that is transmitted by means of a wired or wireless
medium against unauthorized access.

Background of the Invention

One way of distributing information is to broadcast it, that is, to place the information on
a medium from which it can be received by any device that is connected to the medium.
Television and radio are well-known broadcast media. If one wishes to make money by
distributing information on a broadcast medium, there are a couple of alternatives. A first
is to find sponsors to pay for broadcasting the information. A second is to permit access
to the broadcast information only to those who have paid for it. This is generally done by
broadcasting the information in scrambled or encrypted form. Although any device that is
connected to the medium can receive the scrambled or encrypted information, only the
devices of those users who have paid to have access to the information are able to
unscramble or decrypt the information.

A service distribution organization, for example a CATV company or a satellite television
company, provides its subscribers with information from a number of program sources,
that is, collections of certain kinds of information. For example, the History Channel is a
program source that provides television programs about history. Each program provided
by the History Channel is an "instance" of that program source. When the service
distribution organization broadcasts an instance of the program source, it encrypts or
scrambles the instance to form an encrypted instance. An encrypted instance contains
instance data, which is the encrypted information making up the program.

An encrypted instance is broadcast over a transmission medium. The transmission
medium may be wireless or it may be "wired", that is, provided via a wire, a coaxial
cable, or a fiber optic cable. It is received in a large number of set top boxes. The
function of a set-top box is to determine whether an encrypted instance should be decrypted
and, if so, to decrypt it to produce a decrypted instance comprising the information
making up the program. This information is delivered to a television set. Known set top
boxes include decryptors to decrypt the encrypted instance.

Subscribers generally purchase services by the month (though a service may be a one-time
event), and after a subscriber has purchased a service, the service distribution
organization sends the set top box belonging to the subscriber messages required to
provide the authorization information for the purchased services. Authorization
information may be sent with the instance data or may be sent via a separate channel, for
example, via an out-of-band RF link, to a set top box. Various techniques have been
employed to encrypt the authorization information. Authorization information may
include a key for a service of the service distribution organization and an indication of
what programs in the service the subscriber is entitled to watch. If the authorization
information indicates that the subscriber is entitled to watch the program of an encrypted
instance, the set-top box decrypts the encrypted instance.




It will be appreciated that "encryption" and "scrambling" are similar processes and that
"decryption" and "descrambling" are similar processes; a difference is that scrambling
and descrambling are generally analog in nature, while encryption and decryption
processes are usually digital.

The access restrictions are required in both analog and digital systems. In all systems, the
continued technological improvements being used to overcome the access restrictions
require more secure and flexible access restrictions. As more systems switch from an
analog format to a digital format, or a hybrid system containing both analog and digital
formats, flexible access restrictions will be required.

Restricting access to broadcast information is even more important for digital
information. One reason for this is that each copy of digital information is as good as the
original; another is that digital information can be compressed, and consequently, a given
amount of bandwidth carries much more information in digital form; a third is that the
service distribution organizations are adding reverse paths which permit a set-top box to
send a message to the service distribution organization, thereby permitting various
interactive services.

Thus, the service distribution organizations require access restrictions which are both
more secure and more flexible than those in conventional systems.



Brief Description of the Drawing

FIG. 1 is a block diagram of a conditional access system;
FIG. 2A is a block diagram of the service instance encryption techniques disclosed herein;
FIG. 2B is a block diagram of the service instance decryption techniques disclosed herein;
FIG. 3 is a more detailed block diagram of the service instance encryption and
decryption techniques disclosed herein;
FIG. 4 is a block diagram of the techniques used to dynamically provide
entitlement agents to a DHCT;
FIG. 5 is a block diagram of a digital broadband delivery system in which the
conditional access system is implemented;
FIG. 6 is a block diagram of the conditional access system in the digital
broadband delivery system of FIG. 5;
FIG. 7 is a diagram of an MPEG-2 transport stream;
FIG. 8 is a diagram of how EMMs are mapped into an MPEG-2 transport stream;
FIG. 9 is a diagram of how EMMs are mapped into an IP packet;
FIG. 10 is a diagram of how ECMs are mapped into an MPEG-2 transport stream;
FIG. 11 is a detailed diagram of an EMM;
FIG. 12 is a detailed diagram of a preferred embodiment of DHCTSE 627;
FIG. 13 is a diagram of the contents of memory in DHCTSE 627;
FIG. 14 is a diagram of how NVSCs are allocated to entitlement agents in a
preferred embodiment;
FIG. 15 is a diagram of an EAD NVSC;
FIG. 16 is a diagram of other kinds of NVSCs;
FIG. 17 is a diagram of an event NVSC;
FIG. 18 is a diagram of a global broadcast authenticated message (GBAM);
FIG. 19 is a detail of the contents of one kind of GBAM;
FIG. 20 is a diagram showing how GBAMs may be used generally to provide data
to a client application;
FIG. 21 is a diagram of a forwarded purchase message;
FIG. 22 is a diagram of the entitlement unit message in an ECM;
FIG. 23 is a diagram of a code message;
FIG. 24 is a diagram showing the relationship between TEDs and the rest of
conditional access system 601;
FIG. 25 is a detailed diagram of a TED;
FIG. 26 is an illustration of the coordinate system used for spotlight and blackout;
FIG. 27 shows how an area is computed in the coordinate system of FIG. 26;
FIG. 28 is a description of a public key hierarchy; and
FIG. 29 is a description of an EMM generator according to the present invention.

The reference numbers in the drawings have at least three digits. The two rightmost digits
are reference numbers within a figure; the digits to the left of those digits are the number
of the figure in which the item first appears. For example, an item with reference
number ... first appears in FIG. 2.

Detailed Description of a Preferred Embodiment 

The following Detailed Description will first provide a general introduction to a
conditional access system and to encryption and decryption, will then describe how
service instance encoding and decoding is done in a preferred embodiment, and will
thereupon describe the techniques used in the preferred embodiment to authenticate the
ECMs and EMMs of the preferred embodiment. Next, the Detailed Description will
describe how EMMs can be used to dynamically add and remove access to services and
the role of encryption and authentication in these operations. Finally, there will be a
detailed exposition of how the techniques described in the foregoing are employed in a
broadcast data delivery system with a node structure and a reverse path from the set top
box to the head end, of how secure processors and memory are employed in the preferred
embodiment to protect keys and entitlement information, and of how certain operations
are performed in the preferred embodiment.

Conditional Access System Overview

FIG. 1 provides an overview of a system 101 for limiting access to broadcast information.
Such systems will be termed in the following "conditional access systems". A service
distribution organization 103, for example, a CATV company or a satellite television company,
provides its subscribers with information from a number of services, that is, collections of
certain kinds of information. For example, the History Channel is a service that provides
television programs about history. Each program provided by the History Channel is an
"instance" of that service. When the service distribution organization broadcasts an
instance of the service, it encrypts or scrambles the instance to form encrypted instance
105. Encrypted instance 105 contains instance data 109, which is the encrypted
information making up the program, and entitlement control messages (ECM) 107. The
entitlement control messages contain information needed to decrypt the encrypted portion
of the associated instance data 109. A given entitlement control message is sent many
times per second, so that it is immediately available to any new viewer of a service. In
order to make decryption of instance data 109 even more difficult for pirates, the content
of the entitlement control message is changed every few seconds, or more frequently.

Encrypted instance 105 is broadcast over a transmission medium 112. The medium may
be wireless or it may be "wired", that is, provided via a wire, a coaxial cable, or a fiber
optic cable. It is received in a large number of set top boxes 113(0..n), each of which is
attached to a television set. It is a function of set-top box 113 to determine whether
encrypted instance 105 should be decrypted and if so, to decrypt it to produce decrypted
instance 123, which is delivered to the television set. As shown in detail with regard to set
top box 113(0), set top box 113 includes decryptor 115, which uses a control word 117 as
a key to decrypt encrypted instance 105. Control word 117 is produced by control word
generator 119 from information contained in entitlement control message 107 and
information from authorization information 121. For example,
authorization information 121 may include a key for the service and an indication of what
programs in the service the subscriber is entitled to watch. If the authorization
information 121 indicates that the subscriber is entitled to watch the program of encrypted
instance 105, control word generator 119 uses the key together with information from
ECM 107 to generate control word 117. Of course, a new control word is generated for
each new ECM 107.

The authorization information used in a particular set top box 113(i) is obtained from one
or more entitlement management messages 111 addressed to set top box 113(i).
Subscribers generally purchase services by the month (though a service may be a one-time
event), and after a subscriber has purchased a service, the service distribution
organization 103 sends set top box 113(i) belonging to the subscriber entitlement
management messages 111 as required to provide the authorization information 121
required for the purchased services. Entitlement management messages (EMMs) may be
sent interleaved with instance data 109 in the same fashion as ECMs 107, or they may be
sent via a separate channel, for example via an out-of-band RF link, to set top box 113(i),
which stores the information from the entitlement management message (EMM) 111 in
authorization information 121. Of course, various techniques have been employed to
encrypt entitlement management messages 111.

Encryption and Decryption

The encryption and decryption techniques used for service instance encoding and
decoding belong to two general classes: symmetrical key techniques and public key
techniques. A symmetrical key encryption system is one in which each of the entities
wishing to communicate has a copy of a key; the sending entity encrypts the message
using its copy of the key and the receiving entity decrypts the message using its copy of
the key. An example symmetrical key encryption-decryption system is the Data
Encryption Standard (DES) system. A public key encryption system is one in which each
of the entities wishing to communicate has its own public key-private key pair. A
message encrypted with the public key can only be decrypted with the private key and
vice-versa. Thus, as long as a given entity keeps its private key secret, it can provide its
public key to any other entity that wishes to communicate with it. The other entity simply
encrypts the message it wishes to send to the given entity with the given entity's public
key and the given entity uses its private key to decrypt the message. Where entities are
exchanging messages using public key encryption, each entity must have the other's
public key. The private key can also be used in digital signature operations, to provide
authentication. For details on encryption generally and symmetrical key and public key
encryption in particular, see Bruce Schneier, Applied Cryptography, John Wiley and
Sons, New York, 1994.

The design of an encryption system for a given application involves a number of
considerations. As will be seen in the following, considerations which are particularly
important in the broadcast message environment include the following:

• key security: a symmetrical key system is useless if a third party has access
to the key shared by the communicating parties, and a public key system is
also useless if someone other than the owner of a given public key has access
to the corresponding private key.

• key certification: how can the recipient of a key be sure that the key he or she
has received is really a key belonging to the entity to which the recipient
wishes to send an encrypted message and not a key belonging to another entity
which wishes to intercept the message?

• message authentication: how can the recipient of a message be sure that the
message is from the party it claims to be from, and/or that the message has not
been altered?

• speed of encryption and decryption: in general, symmetrical key encryption
systems are faster than public key encryption systems and are preferred for use
with real-time data.

• key size: in general, the longer the key used in an encryption system, the more
resources will be required to break the encryption and thereby gain access to
the message.

All of the foregoing considerations are influenced by the fact that the environment in
which a conditional access system operates must be presumed to be hostile. Many
customers of broadcast services see nothing wrong with cheating the service provider and
have nothing against tampering physically with the portion of the conditional access
system that is contained in the receiver or using various cryptographic attacks to steal
keys or to deceive the receiver about the source of the messages it receives. Moreover,
the providers of the systems that actually broadcast the services do not necessarily have
the same interests as the providers of the service content, and therefore need to control not
only who can access a given instance of a service, but also what entities can offer services
to a given receiver.

Service Instance Encryption and Decryption: FIGs. 2A and 2B

In overview, the encryption system of the present invention uses symmetrical key
encryption techniques to encrypt and decrypt the service instance and public key
encryption techniques to transport a copy of one of the keys used in the symmetrical key
techniques from the service provider to the set-top box.

In FIG. 2A, clear services such as the elementary digital bit streams which comprise
MPEG-2 programs are sent through a level of encryption called the Program Encrypt
function 201, which is preferably a symmetric cipher such as the well-known DES
algorithm. Each elementary stream may be individually encrypted and the resulting
encrypted streams are sent to MUX 200 to be combined with other elementary streams
and private data, such as conditional access data. The key used in the Program Encrypt
function 201 is called the Control Word (CW) 202. The CW 202 is generated by control
word generator 203 which can be either a physically random number generator or can use
a sequential counter with a suitable randomization algorithm to produce a stream of
random CWs. A new CW is generated frequently, perhaps every few seconds, and is
applied to each elementary stream on the same time scale. Each new CW is encrypted by
Control Word Encrypt & Message Authenticate function 204 using a Multi-Session Key
(MSK) 208 provided by Multi-Session Key generator 205. The CW is then combined into
an ECM 107 with other service-related information. The ECM 107 is authenticated by
Control Word Encrypt & Message Authenticate function 204 which produces a message
authentication code using a keyed-hash value derived from the message content combined
with a secret which can be shared with the receiving set-top box 113. This secret is
preferably part or all of the MSK 208. The message authentication code is appended to
the rest of the ECM 107. The CW 202 is always encrypted before being sent along with
the other parts of the ECM to MUX 200. This encryption is preferably a symmetric
cipher such as the Triple-DES algorithm using two distinct 56-bit keys (which taken
together comprise MSK 208).

The MSK 208 has a longer lifetime than CW 202. The MSK lifetime is typically hours to
days in length. MSK 208 is both encrypted and digitally signed by MSK Encrypt &
Digital Signature function 206 before being sent to MUX 200 encapsulated in EMM 111.
MSK 208 and other parts of EMM 111 are preferably encrypted using a public key
algorithm, such as the well-known RSA algorithm, with a public key associated with the
specific set-top box 113 to which the EMM is addressed. The public keys of all set-top
boxes 113 in a system 101 are stored in Public Key Data Base 207. The public keys in
this data base are preferably certified by a certificate authority. The digital signature
function in 206 is preferably the RSA digital signature method, although others could be
used. In the case of an RSA digital signature, the private key which is used to make the
signature belongs to the entitlement agent within service distribution organization 103
responsible for authorizing the associated service.



In FIG. 2B, the corresponding DHCT private key and associated DHCT public secure
micro serial number are stored in memory 232 of decoder 240. Public secure micro serial
number is provided so that demultiplexer 230 can select an encrypted multi-session key
addressed to decoder 240 from transport data stream (TDS). Encrypted multi-session key
Ekpt(MSK) is decrypted in decryptor 234 using DHCT private key from memory 232 to
provide multi-session key MSK. Demultiplexer 230 also selects from transport data
stream TDS encrypted control word (CW) EMSK(CW). The encrypted CW is processed in
decryptor 236 using multi-session key MSK as the decryption key to provide the
unencrypted CW. The unencrypted CW preferably changes at a high rate, for example,
once every few seconds. Demultiplexer 230 also selects from transport data stream TDS
encrypted service ECW(SERVICE). The encrypted service is processed in decryptor 238
using the CW as the decryption key to recover the unencrypted service.

Detailed Implementation of the Encryption System of FIG. 2: FIG. 3

FIG. 3 presents more details about a preferred implementation of the system of FIG. 2.
Encryption/decryption system 301 has two main components: service origination
component 305 and service reception component 333. The two are connected by a
transmission medium 331, which may be any medium which will carry a message from
service origination component 305 to service reception component 333. Service reception
component 333 is implemented in a set-top box, termed hereinafter a digital home
communications terminal (DHCT). It may, however, be implemented in any device which
has the necessary computation power, for example, a personal computer or work station
or an "intelligent" television set. In the service origination component, at least the portion
labeled 306 is typically implemented in equipment located at the head end of a
broadcasting system such as a cable television (CATV) or satellite TV system. In some
embodiments, however, the head end may be provided with already-encrypted instances
of the service. The remaining portion 308 may also be located at the head end, but may
also be located anywhere which has access of some kind to head end 306 and service
reception component 333. The latter is particularly the case if the EMMs are sent out of
band, for example by way of a wide-area network such as the Internet. Also, the
transmission medium may be storage media, where the service origination point is the
manufacturer of the media, and the service reception component may be the element
which reads the storage media. For example, the transmission medium can be a CD-ROM,
DVD, floppy disk, or any other medium that can be transferred, physically,
electronically, or otherwise.

Beginning with service origination portion 305, a random number generator 307 is used to
generate MSK 309. Next, an EMM 315 containing MSK 309 and related information is
produced. EMM 315 also includes a sealed digest. The sealed digest has two purposes:
to ensure that the information placed in EMM 315 by service origination 305 is the same
information that arrives at DHCT 333 and to ensure that the information has in fact come
from an entity which is empowered to give access to the service.

The sealed digest is made in two stages: first, a digest of the EMM's contents (here, MSK
309 and the related information) is made by hashing the contents in a secure one-way
hash function to produce a relatively short bit string. The secure one-way hash function
has three properties:

• the contents that were hashed to produce the short bit string cannot be
determined from the short bit string;

• any change in what is hashed produces a change in the short bit string; and

• it is computationally infeasible to construct a different message which
produces the same short bit string as the original message.

The short bit string output by the hash function can thus be used to determine whether the
contents of the EMM have changed in transit without disclosing those contents. The
preferred embodiment uses the Message Digest 5 one way hash function, as indicated by
the notation MD5. For details on one-way hash functions, see the Schneier reference,
supra. The digest is a sealed digest because it is encrypted with a private key SP Kr 310
belonging to the entitlement agent (EA) that has the right to give the DHCT access to the
service for which the MSK is used to produce the key. Before the sealed digest can be
used to check whether the EMM was transmitted correctly, it must be decrypted using the
entitlement agent's public key. The sealed digest thus confirms to the DHCT both that
the contents of the EMM have been transmitted correctly and that the source of the EMM
is the entitlement agent.

Once the sealed digest is made, the contents of the EMM (here, MSK 309 and the related
information) are encrypted with the public key DHCT Ku 312 of the DHCT 333 to which
EMM 315 is addressed and EMM 315, containing the encrypted contents and the sealed
digest, is sent via transmission medium 331 to the DHCT 333. In the following, the
notation Kr is used to indicate a private key and Ku is used to indicate a public key. The
notation ... encryption algorithm ...

As shown in DHCT 333, EMM 315 can only be decrypted by the DHCT 333 whose
private key 337 (DHCT Kr) corresponds to the public key used to encrypt EMM 315.
DHCT 333 decrypts EMM 315 and uses the sealed digest to determine whether the EMM
315 was correctly transmitted. The determination is made by using public key SP Ku 335
for the entitlement agent to decrypt the sealed digest. Then the contents of EMM 315 are
hashed using the same secure one-way hash function that was used to make the digest. If
the results of this hash are identical to the decrypted sealed digest, the determination
succeeds. The check with the sealed digest will fail if the transmission to the DHCT 333
was corrupted in transit, if DHCT 333 does not have the private key corresponding to the
public key used to encrypt the EMM (i.e., is not the DHCT 333 for which EMM 315 was
intended), or if DHCT 333 does not have public key 335 (SP Ku) corresponding to the
private key of the EA that was used to make the sealed digest. The latter will be the case
if that DHCT 333 has not been given access to services provided by the entitlement agent.
EMMs 315 addressed to DHCT 333 are sent repeatedly; consequently, if the problem was
corruption in transit, an uncorrupted EMM 315 will be received shortly and the
determination will succeed. How DHCT 333 comes to have SP Ku 335 needed to decrypt
the sealed digest will be explained in more detail later.

The next stage in service origination 305 is generating control word 319 used to actually
encrypt service instance 325 and generating the ECM 323 which carries the information
needed to decrypt the service instance to DHCT 333. The control word 319 is generated
by random number generator 317. This can be a true random number generator, whose
output is the result of some basic underlying random physical process, or some other
means, for example, the result of encrypting a value, called a "counter" (which increments
by one after each use) with 3DES, using the MSK as the key. In the case of a true random
number, the encrypted control word is transmitted in the ECM. In the case of the
counter-based control word generation, the clear version of the "counter" is used in the
transmitted ECM. As mentioned above, the control word is a short-term key, i.e., it has a
life time of a few seconds or less. Included in the ECM 323 is a digest of the contents plus
the MSK which is made using the one-way hash just described. The inclusion of the MSK in
making the digest gives the entitlement agent to which the ECM 323 belongs a shared
secret with the DHCTs 333 that are entitled to receive service instances from the
entitlement agent and consequently prevents "spoofing" of ECMs 323, that is, provision
of ECMs 323 from a source other than the entitlement agent. As will be seen in more
detail later, the preferred embodiment uses the shared secret technique generally to
authenticate messages which contain messages that have real-time value with regard to an
instance of a service.

ECM 323 is sent together with encrypted content 329 to DHCT 333. The first ECM 323
for a given portion of encrypted content 329 must of course arrive at DHCT 333 before
the encrypted content does. In the preferred embodiment, content 325 and ECM 323 are
encoded according to the MPEG-2 standard. The standard provides for a transport stream
which includes a number of component streams. Some of these carry content 329,
another carries the ECMs 323, and a third carries the EMMs 315. Only the streams
carrying content 329 are encrypted according to DES 329; since the control words in
ECMs 323 and the contents of EMMs 315 have already been encrypted, no further
encryption is needed when they are sent in the MPEG-2 transport stream. The manner in
which EMMs and ECMs are transported in the MPEG-2 transport stream will be
described in more detail later.

When an ECM 323 is received in DHCT 333, control word 319 is either decrypted or
found by encrypting the counter value at 343 using the MSK. The integrity of the
contents of the ECM 323 is checked by comparing the value resulting from hashing the
contents plus some or all of the MSK (based on cryptographic principles) in the one-way
hash function with the message digest contained in ECM 323. Included in the contents
are control word 319 and information identifying the service instance 325 which ECM
323 accompanies. The identifying information is used together with the authorization
information received with EMM 315 to determine whether DHCT 333 is authorized to
receive the service instance 325. If it is, control word 319 is used in service decryptor 347
to decrypt encrypted content to produce original content 325.
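The ECM handling described above, as an added example that is not code from the patent: the headend builds an ECM carrying the clear counter, and the DHCT authenticates it with the MSK, checks entitlement, and only then derives the control word. SHA-256 stands in for the one-way hash and truncated HMAC-SHA256 for the 3DES encryption of the counter; the ECM layout, the sample MSK and all function names are assumptions.

```python
import hashlib
import hmac
import struct

# Constructed sample values (assumptions, not taken from the patent).
MSK = bytes.fromhex("00112233445566778899aabbccddeeff")
ECM_CONTENTS = struct.Struct(">IQ")   # service id (4 bytes) + clear counter (8 bytes)
DIGEST_LEN = 32


def control_word(msk, counter):
    """Derive the short-term control word from the clear counter.

    The text encrypts the counter with 3DES under the MSK; truncated
    HMAC-SHA256 is a stand-in for that keyed operation (assumption).
    """
    return hmac.new(msk, struct.pack(">Q", counter), hashlib.sha256).digest()[:8]


def ecm_digest(msk, contents):
    """Digest of the ECM contents plus the MSK, the shared secret."""
    return hashlib.sha256(contents + msk).digest()


def make_ecm(msk, service_id, counter):
    """Headend side: clear contents followed by the keyed digest."""
    contents = ECM_CONTENTS.pack(service_id, counter)
    return contents + ecm_digest(msk, contents)


def process_ecm(ecm, msk, entitled_services):
    """DHCT side: authenticate, check entitlement, release the control word.

    Returns (control_word, reason); control_word is None on any rejection.
    """
    if len(ecm) != ECM_CONTENTS.size + DIGEST_LEN:
        return None, "malformed"
    contents, digest = ecm[:ECM_CONTENTS.size], ecm[ECM_CONTENTS.size:]
    # Constant-time comparison so the check does not leak how many bytes matched.
    if not hmac.compare_digest(digest, ecm_digest(msk, contents)):
        return None, "bad digest"
    service_id, counter = ECM_CONTENTS.unpack(contents)
    # Authorization information would have arrived earlier in an EMM.
    if service_id not in entitled_services:
        return None, "not entitled"
    return control_word(msk, counter), "ok"


def demo():
    """Run a genuine ECM and three rejected ones; return the reasons."""
    genuine = make_ecm(MSK, 42, 7)
    tampered = bytes([genuine[0] ^ 1]) + genuine[1:]        # service id altered
    spoofed = make_ecm(b"\x00" * 16, 42, 7)                 # sender lacks the MSK
    return [
        process_ecm(genuine, MSK, {42})[1],
        process_ecm(tampered, MSK, {42})[1],
        process_ecm(spoofed, MSK, {42})[1],
        process_ecm(genuine, MSK, {99})[1],
    ]


if __name__ == "__main__":
    print(demo())
```

Hashing the contents followed by the secret mirrors the text; a new design would use HMAC for the digest itself.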

System 301 offers a number of advantages with regard to security. It takes advantage of
the speed of symmetrical encryption systems where that is needed to decrypt encrypted
content 329 and the control word in ECM 323. The control word is protected by
encrypting it using the MSK, and ECM 323 is authenticated by using some or all of MSK
309 as a shared secret between the entitlement agent and DHCT 333. MSK 309 is
protected in turn by the fact that it is sent in an EMM which is encrypted using the
DHCT's public key and by the fact that the EMM includes a sealed digest which is
encrypted using the entitlement agent's private key. Further security is provided by the
fact that service identification information from ECM 323 must agree with the
authorization information received in EMM 315 before control word 319 is provided to
service decryptor 347. For example, as described in detail in the Banker and Akins parent
patent application supra, one use of the information in ECM 323 and EMM 315 is to
prevent what are termed "replay attacks" on the encrypted services. In addition to being
secure, system 301 is flexible. The authorization information contained in EMM 315 and
the service identification information contained in ECM 323 together permit a wide range
of access to service instances received in DHCT 333.

Dynamic Provision of Multiple Entitlement Agents to DHCT 333: FIG. 4

The use of the sealed digest in EMM 315 means that DHCT 333 will not respond to
EMM 315 unless it has a public key for the entitlement agent that has the power to give
entitlements to the service to be decrypted by the MSK in EMM 315. This is part of a
broader arrangement which makes it possible to dynamically provide DHCT 333 with one
or more entitlement agents and to dynamically remove provided entitlement agents from
DHCT 333.

The entity which provides and removes entitlement agents is called the conditional access
authority (CAA). The arrangement further permits entitlement agents that have been
provided to DHCT 333 to dynamically modify their authorization information in DHCT
333. All of the information needed to perform these operations is sent via EMMs, with
the sealed digests being used to ensure that only the CAA may add or remove entitlement
agents and that only the entitlement agent to which authorization information belongs
may modify the authorization information.

The above arrangement has a number of advantages:

• It permits multiple entitlement agents.
• It permits dynamic addition and removal of entitlement agents.
• It places limits on the services to which an entitlement agent may grant
  entitlements, but otherwise permits [...] authorization information.
• It separates the business of providing entitlements to services and service
  instances from the business of actually providing instances of the service;
  consequently, a CATV operator may simply run as a distribution utility.
• It separates the business of giving an entity the right to be an entitlement agent
  from the business of being an entitlement agent.
• It provides an easy way of permitting a customer to change entitlement agents
  as he or she sees fit.
• It provides a secure arrangement whereby a DHCT 333 may communicate by
  means of a reverse path with an entitlement agent, a conditional access
  authority, or potentially the provider of the instances of the service.

FIG. 4 shows how the arrangement is implemented in a preferred embodiment. FIG. 4 is
best understood as an extension of FIG. 3. Both FIG. 4 and FIG. 3 have the same major
components: service origination 305, DHCT 333, and transmission medium 331 for
coupling the two. Further, encryptor 313 and decryptor 335 are used in both figures.
Moreover, as indicated by reference number 393, the EMMs may be either sent together
with a service instance or by another channel. FIG. 4 further shows an additional
component of DHCT 333, namely EMM manager 407. EMM manager 407 is
implemented in software executed in a secure processor in DHCT 333. The task of EMM
manager 407 is to respond to EMMs which add or remove entitlement agents and to
EMMs which modify the authorizations for an entitlement agent. EMM manager 407
further provides messages by means of which DHCT 333 may communicate with an
entitlement agent or a conditional access authority.

Initially, EMMs that modify an entitlement agent's authorization information are made in
response to modification information 403 provided by the entitlement agent or required
by the network operator. As shown at 3[...], the information is encrypted
using the public key 312 for DHCT 333 and has a sealed digest that is encrypted using the
private key 310 for the entitlement agent. The resulting authorization modification EMM
405 is sent via transmission medium 331 to dec[...] DHCT 333, where it is
decrypted and checked in the manner described above for EMMs 315 containing an MSK.
The EA modification information 403 contained in the EMM goes, however, to EMM
manager 407, which uses the information to modify the authorization information for the
entitlement agent in DHCT 333. Examples of modifications include adding or canceling
services provided by the entitlement authority and changing the conditions under which
access to instances of a given service will be granted.

As indicated above, the sealed digest is encrypted using the private key of the entitlement
agent. Consequently, the validity of the EMM can only be determined [...]
the entitlement agent's public key. The public key for an entitlement agent is provided to
DHCT 333 by an EA allocation EMM 413 from a conditional access authority. EMM
413 contains entitlement agent allocation information 409 from the conditional access
authority; at a minimum, entitlement agent allocation information 409 contains the public
key for the entitlement agent; it may also contain information about the amount of
memory an entitlement agent may have in DHCT 333 and about classes of service that an
entitlement agent may offer. For example, the entitlement agent may not be permitted to
offer interactive services. Information 409 is encrypted with the public key 312 of DHCT
333, and the sealed digest is encrypted with private key 411 of the conditional access
authority.



In DHCT 333, EMM 413 is decrypted using private key 337 belonging to DHCT 333 and
the sealed digest is decrypted using CAA public key 415. If the digest confirms the
correctness of the contents of the EMM, EMM manager 407 allocates storage for the
entitlement agent whose public key is contained in EMM 413. That done, EMM manager
407 places the entitlement agent's public key in the storage. The storage provides a place
to store the entitlement agent's public key, the authorization information for the services
and service instances provided by the entitlement agent, and the MSKs provided by the
entitlement agent. Once DHCT 333 has the entitlement agent's public key and storage for
the entitlement agent's authorization information and MSK, EMM manager 407 can
respond to EMMs from the entitlement agent. Of course, in order to decrypt the sealed
digest, DHCT 333 must have public key 415 for the conditional access authority. As will
be explained in more detail later on, in a preferred embodiment, public key 415 and the
public and private keys for DHCT 333 are installed in DHCT 333 at the time that DHCT
333 is manufactured.

When a customer orders a service, the arrangements just described interact as follows:

1. If the service is provided by an entitlement agent for which the customer's DHCT
   333 does not have the public key, the conditional access authority must first send
   EA allocation EMM [...]
   allocating storage for the entitlement agent. Only the conditional access authority
   can send EA allocation EMM 413, and consequently, the conditional access
   authority (CAA) can control access by entitlement agents to customers of a
   particular service distribution organization.
2. If DHCT 333 has the entitlement agent's public key, either because step (1) has
   just been performed or was performed at some time in the past, the entitlement
   agent sends modification EMM 405 with the authorization information for the
   newly-ordered service or service instance to DHCT 333. EMM manager 407
   responds thereto by storing the authorization information in the allocated space.
3. Once step (3) is done, DHCT 333 can receive EMM 315 with the MSK for the
   service from the entitlement agent. EMM manager 407 stores the MSK in the
   allocated space.
4. When the actual service instance is sent, it is accompanied by ECMs containing
   the current control word. The MSK is used to decrypt the ECMs and the control
   words obtained from the ECMs are used to decrypt the instance of the service.
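The EMM side of the order flow above (allocation by the CAA, then authorization and MSK from the entitlement agent), with the sealed-digest check applied to each message, as an added example that is not code from the patent. Unpadded textbook RSA over Mersenne primes and SHA-256 stand in for the real key material and hash and are not secure; the `KIND:body` message layout, the name `EA1` and all function and class names are assumptions.

```python
import hashlib

E = 65537  # public exponent shared by every toy key


def toy_keypair(a, b):
    """Textbook RSA from Mersenne primes 2**a-1 and 2**b-1 (toy, insecure)."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def digest_int(contents):
    return int.from_bytes(hashlib.sha256(contents).digest(), "big")


def seal(priv, contents):
    """Sealed digest: the digest encrypted with the sender's private key."""
    return pow(digest_int(contents), priv["d"], priv["n"])


def check_seal(pub_n, contents, sealed):
    """Decrypt the sealed digest with the public key, compare to a fresh hash."""
    return pow(sealed, E, pub_n) == digest_int(contents)


def encrypt(pub_n, contents):
    # The 0x01 prefix preserves leading zero bytes across the integer round trip.
    return pow(int.from_bytes(b"\x01" + contents, "big"), E, pub_n)


def decrypt(priv, ciphertext):
    m = pow(ciphertext, priv["d"], priv["n"])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]


def make_emm(sender, sender_priv, dhct_pub_n, contents):
    """Contents encrypted to the DHCT, digest sealed by the sender."""
    return {"sender": sender, "enc": encrypt(dhct_pub_n, contents),
            "seal": seal(sender_priv, contents)}


class EmmManager:
    """DHCT side: the CAA key is preinstalled; EA keys arrive only via the CAA."""

    def __init__(self, dhct_priv, caa_pub_n):
        self.priv, self.caa_pub_n, self.agents = dhct_priv, caa_pub_n, {}

    def handle(self, emm):
        sender = emm["sender"]
        if sender == "CAA":
            pub_n = self.caa_pub_n
        elif sender in self.agents:
            pub_n = self.agents[sender]["pub_n"]
        else:
            return "unknown entitlement agent"   # no public key, no response
        contents = decrypt(self.priv, emm["enc"])
        if not check_seal(pub_n, contents, emm["seal"]):
            return "bad seal"
        kind, _, body = contents.partition(b":")
        if kind == b"ALLOC" and sender == "CAA":  # only the CAA adds agents
            ea_id, _, n_hex = body.partition(b"=")
            self.agents[ea_id.decode()] = {
                "pub_n": int(n_hex, 16), "auth": set(), "msk": None}
            return "allocated"
        if kind == b"AUTH" and sender != "CAA":
            self.agents[sender]["auth"].add(body.decode())
            return "authorized"
        if kind == b"MSK" and sender != "CAA":
            self.agents[sender]["msk"] = body
            return "msk stored"
        return "rejected"


def run_order_flow():
    """Steps 1 to 3 of the order flow plus three messages that must fail."""
    dhct, caa = toy_keypair(2203, 2281), toy_keypair(127, 1279)
    ea, rogue = toy_keypair(521, 607), toy_keypair(89, 3217)
    mgr, n = EmmManager(dhct, caa["n"]), dhct["n"]
    msk = bytes(range(16))                        # constructed sample MSK
    results = [
        mgr.handle(make_emm("EA1", ea, n, b"AUTH:service-7")),   # before step 1
        mgr.handle(make_emm("CAA", caa, n, b"ALLOC:EA1=%x" % ea["n"])),
        mgr.handle(make_emm("EA1", ea, n, b"AUTH:service-7")),
        mgr.handle(make_emm("EA1", ea, n, b"MSK:" + msk)),
        mgr.handle(make_emm("EA1", rogue, n, b"MSK:" + b"\xff" * 16)),  # wrong key
        mgr.handle(make_emm("EA1", ea, n, b"ALLOC:EA2=abcd")),   # EA cannot allocate
    ]
    return results, mgr.agents


if __name__ == "__main__":
    print(run_order_flow()[0])
```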



The above use of EMMs and ECMs to control access to instances of a service thus
guarantees that no entitlement agent will have access to DHCT 333 without permission of
the conditional access authority and that no DHCT 333 will have access to an instance of
a service without permission of the entitlement agent for the service. It also makes it
possible for the entitlement agent to be in complete control of the service. Access to the
service is defined by the EMMs 405 and 315, and these may be sent by the entitlement
agent to DHCT 333 independently of the service distribution organization. Further, it is
the entitlement agent which provides the MSK used to generate control words and decrypt
the ECM to both the service distribution organization and DHCT 333. Indeed, if the
entitlement agent wishes to do so, it can itself provide encrypted instances of the services
to the service distribution organization, which, in such a case, merely functions as a
conduit between the entitlement agent and DHCT 333.

Secure Transmission of Messages via the Reverse path 

FIG. 4 also shows how the techniques used to ensure the security of EMMs are also used
to ensure the security of messages sent from DHCT 333. The example shown in FIG. 4 is
a forwarded purchase message (FPM). The forwarded purchase message is used for the
interactive purchase of an instance of a service. One example of such a purchase is what
is called impulse pay-per-view, or IPPV. In such a system, the beginning of an event, for
example, a baseball game, is broadcast generally and customers can decide whether they
want to see all of it. In that case, they must provide input to DHCT 333 that indicates that
they wish to see the entire event. EMM manager 407 responds to the input by making the
FPM and sending it to the entitlement agent so that the entitlement agent can charge the
customer for the event and send an EMM 315 confirming that DHCT 333 may continue
to decrypt the event. The information needed by the entitlement agent is forwarded
entitlement information 417; to ensure the privacy of the customer, this information is
encrypted using the 3DES algorithm with a key 420, as shown at 343, to produce
encrypted forward entitlement information 419. The key 420 is composed of two 56-bit
DES keys. The 3DES encryption operation is a sequence of three DES operations:
encryption using the first DES key, decryption using the second DES key, and encryption
using the first DES key. Then key 420 is encrypted using the public key 335 of the
entitlement agent and the sealed digest is made using the private key of DHCT 333. All
of these parts together make up forwarded purchase message 421, which is addressed to
the entitlement agent.

At the entitlement agent, key 420 is decrypted using the entitlement agent's private key
310, and the sealed digest is decrypted using the public key 312 of the DHCT. If the
Encrypted Forwarded Entitlement Information (EFEI) 419 contained in the FPM 421 is
determined not to have been tampered with, it is passed to 3DES decryption 443, which
decrypts it using key 420 and provides forwarded entitlement information 417 to the
entitlement agent. As will be immediately apparent, the same technique, with or without
the 3DES encryption of the contents of the message, can be used to send messages to any
entity for which DHCT 333 has the public key. At a minimum, this includes the CAA
and any entitlement agent which has been allocated memory in DHCT 333.

Authentication of Global Broadcast Messages

A global broadcast message is one which is not addressed to any individual DHCT 333 or
to any group of DHCTs 333. In a preferred embodiment, global broadcast messages
accompany instances of services and contain information that is relevant to the instance
they accompany. Consequently, the encryption and authentication techniques used in the
global broadcast messages must permit rapid decryption and authenticity checking. One
example of a global broadcast message is the ECM. Other examples are the different
types of global broadcast authenticated messages, or GBAMs. As with ECMs, it is
necessary to prevent global broadcast messages from being spoofed, and it is done in the
same fashion as with the ECMs. More specifically, the digest is made using some or all
of the MSK together with the content of the global broadcast message. The MSK thus
functions as a shared secret between the entitlement agent and DHCT 333. When EMM
manager 407 receives the global message, it makes a digest using the contents of the
received message and the MSK and responds to the received message only if the digest
agrees with the one contained in the message. An advantage of using a digest made with
the MSK to authenticate the global broadcast message is that the digest may be both made
and checked very quickly.

Implementation of the Conditional Access System in a Digital Broadband Delivery 
System 

The foregoing has described the conditional access system in terms of ECMs, EMMs, and
other messages and in terms of the manner in which the messages and their digests are
encrypted and decrypted. The conditional access system as just described will work with
any communications arrangement which permits an instance of a service to be delivered
to a DHCT together with ECMs and other broadcast messages and which permits the
DHCT to receive EMMs from a conditional access authority and one or more entitlement
agents. The conditional access system is, however, particularly well-suited for use in a
modern digital broadband delivery system, and the following will describe how the
conditional access system is implemented in such a delivery system.

Overview of the Digital Broadband Delivery System: FIG. 5

FIG. 5 provides an overview of digital broadband delivery system (DBDS) 501. DBDS
501 includes service infrastructure 503, a headend 515, a transport infrastructure 517,
hubs 519 (0 ... n), access networks 521 (0 ... n), and Digital Home Communications
Terminals (DHCTs) 333. The service infrastructure consists of Value-Added Service
Provider (VASP) systems 509, which are systems that provide services to the broadband
delivery system, the Digital Network Control System (DNCS) 507, which manages and
controls services provided by means of DBDS 501, the Administrative Gateway (AG)
505, which is a source of service provisioning and authorization information in DBDS
501, Network Management System (NMS) 511, which maintains a database of system
status and performance information, and the Core Network 513, which interconnects other
Service Infrastructure 503 components with headend 515. In a preferred embodiment,
Core Network 513 consists of ATM-based switching and transmission facilities. Headend
515 provides an interface between service infrastructure 503 and transport infrastructure
517. Transport infrastructure 517 provides a high-bandwidth interconnection from
headend 515 to hubs 519(0 ... n). Each hub 519(i) serves an access network 521(i), which
consists of hybrid fiber coax (HFC) nodes 523 connected via a coax bus network to
DHCTs 333. A given DHCT 333(k) in DBDS 501 thus belongs to an HFC node 532(j)
in an access network 521(i). Transport infrastructure 517 and access network 523 may
provide only a forward channel from head end 515 to a given DHCT 333(k), but
preferably provide both a forward channel and a reverse path. Each instance of a DBDS
501 generally provides service to a metropolitan [...]

DBDS 501 can be implemented in a variety of configurations to fit the circumstances of a
particular service environment. For example, headend equipment may be deployed
within headend 515, within a hub 519(i), or as part of a VASP system 509. DNCS
components 506 may be deployed within headend 515 or distributed among the hubs 519.
Transport infrastructure 517 may utilize SONET add/drop multiplexing, analog fiber
technology, or other transmission technologies.

Overview of the Conditional Access System

FIG. 6 shows the components of a preferred embodiment of conditional access system
601 in DBDS 501. Conditional access system 601 is a collection of components of DNCS
507, headend 515, and DHCT 333 that together provide security and conditional access
services.

The components of conditional access system 601 perform the following functions:

1. encrypting the service content
2. encrypting the control words used for service encryption
3. authenticating the ECMs that contain the encrypted control words
4. passing the ECMs to DHCTs
5. managing a subscriber authorization [...]
6. encrypting and authenticating EMMs containing subscriber entitlement
   information
7. passing the EMMs to DHCTs
8. decrypting the EMMs and checking their authenticity at the DHCTs
9. responding to the EMMs by modifying entitlement information in the DHCTs
10. responding to the ECMs by authenticating them, decrypting the control word, and
    checking entitlement at DHCT 333, and
11. if the ECM is authentic and the authorizations permit, decrypting the service
    content.

These requirements are met by the following components of conditional access system
601:

Stream Encryption & ECM Streamer Modules 620 in head end 515;
Control Suite 607 in DNCS 507;
Transaction Encryption [...] 515, with sealed link [...];
Security Manager Module 6[...];
DHCTSE 627 in DHCT 333.

FIG. 6 depicts a typical configuration of these components for securing digital services
within DBDS 501. In the following, the components will be described in more detail.

Service Encryption & ECM Streamer Module 620

Service Encryption and ECM Streamer (SEES) module 620 is a component of QAM
Modulator 619 that operates under direction of control suite 607 to encrypt the MPEG-2
transport stream packets that are employed in the preferred embodiment to transmit
service content 325. As shown in FIG. 6, service content 325 may be received from
sources such as a digital satellite distribution [...] terrestrial distribution
system 611, or a media server 609. Media server 609 may be connected to head end 515
by a broadband integrated gateway 615. SEES 620 uses MSK 309 to generate the control
words 319 used for service encryption and creates ECMs 323 for transporting the control
words together with encrypted service content 329 within the outgoing MPEG-2
Transport Stream. SEES 620 encrypts the control words in the ECMs 323 with MSKs
309. The MSKs are generated by TED 603 and are sent to SEES 620 in encrypted form
in EMM-like messages.



DHCT 333

DHCT 333 is connected between the HFC network 521 and the customer's television set.
DHCT 333 receives and interprets EMMs, ECMs, and GBAMs and decrypts instances of
services. DHCT 333 further provides the customer interface for DBDS 501 and receives
customer input 628 from the customer. In response to the customer input, DHCT 333
may generate FPMs or other messages that travel via the reverse path to the CAA or to
EAs. In a preferred embodiment, DHCT 333 is implemented using a combination of
general purpose processors, ASICs, and secure elements (which may be implemented
discretely or integrated). For purposes of the present discussion, DHCT 333 has three
important components: service decryption module 625, security manager 626, and DHCT
secure element 627. Service decryption module 625 is preferably
implemented in an ASIC, and security manager 626 is preferably implemented in
software. DHCT SE 627 is a secure element for performing security and conditional
access-related functions.



Service Decryptor Module 625

Service decryptor module 625 is the component of DHCT 333 that decrypts the encrypted
MPEG-2 transport stream packets. Service decryptor 625 receives the control words to be
used for service decryption from DHCTSE 627. DHCTSE 627 controls which transport
stream packets are decrypted by only passing the control words for authorized services to
service decryptor 625.

Security manager 626 

Security manager 626 is a software module of the DHCT that provides an interface
between applications running on DHCT 333 which use the conditional access system and
DHCTSE 627. It also coordinates processing between the service decryptor module and
DHCTSE 627.

DHCTSE 627

DHCTSE 627 stores keys, interprets EMMs and ECMs, and produces FPMs. With the
EMMs and ECMs, it does the decryption and authentication required for interpretation,
and with FPMs, it makes the sealed digest and encrypts the FPM. Thus, in the preferred
embodiment, EMM manager 407 is implemented in secure element 617. In addition,
DHCTSE 627 provides encryption, decryption, digest, and digital signature services for
other applications executing on DHCT 333. Secure element (DHCTSE) 627 includes a
microprocessor and memory that only the microprocessor may access. Both the memory
and the microprocessor are contained in tamper-proof packaging. In interpreting EMMs,
DHCTSE 627 acquires and stores keys and entitlement information; in interpreting
ECMs, DHCTSE 627 uses the entitlement information to determine whether DHCT 333
receiving the ECM has an entitlement for the instance of the service which the ECM
accompanies; if it does, DHCTSE 627 processes the ECM, and provides the control word
to service decryptor module 625 in a form that it may use to decrypt or descramble
services. DHCTSE 627 further records purchase information for impulse-purchasable
services such as IPPV and stores the purchase data securely until the data is successfully
forwarded via a forwarded purchasing message to control suite 607. DHCTSE 627
maintains MSK for the EAs, the private/public key pairs for DHCT 333, and the public
keys of the conditional access authorities and the entitlement agents.



Control Suite 607 

Control suite 607 is a member of the DNCS family of software. Control suite 607
controls the encryption of services performed by a SEES module 620 based upon input
from the DNCS broadcast control suite component. Control Suite 607 also maintains a
database of subscriber authorizations based upon transactions received from
Administrative Gateway 511. Control suite 607 generates EMMs for communicating
subscriber authorizations and other conditional access parameters to the DHCTSE 627.

Control suite 607 acts on behalf of entitlement agents. The EMMs generated by control
suite 607 for communicating subscriber authorizations and other conditional access
parameters to DHCTSE 627 are encrypted with the public keys of the DHCTs 333 to
which they are directed and are authenticated with the private key of the EA, which is
maintained by transaction encryption device (TED) 603. DHCTSE 627 maintains the
public key of the EA and uses it to confirm the authenticity of EMMs generated by
control suite 607 for the EA.

Control Suite 607 further enables the establishment of a conditional access authority
(CAA). Control suite 607 generates EA allocation EMMs 413 which pass the public key
of the EA to a DHCTSE 627. These EMMs 413 are encrypted as described above, but are
authenticated using a digital signature made with the private key of the CAA, which is
maintained by TED 603. DHCTSE 627 is pre-provisioned with the public key of the
CAA for use in confirming the authenticity of these EMMs 413.

Communications between control suite 607 and the rest of conditional access system 601
are by means of LAN interconnect devices 605 and 617. Device 605 connects Control
Suite 607 to Administrative Gateway 505, from which it receives the information
necessary to make ECMs and EMMs, and device 617 connects it to the SEES modules
620 in the QAM modulators and to QPSK modulator 621 and QPSK demodulator 623,
which are in turn connected to HFC network 521. The connection between Control Suite
607 and DHCT 333 via LAN interconnect device 617, modulator 621, demodulator 623,
and HFC network 521 implements the reverse path needed for messages such as FPM 421
and also implements a forward channel to DHCT 333. This forward channel is
independent of the forward channel used to provide the services. In conditional access
system 601, Control Suite 607 can send EMMs or broadcast messages to DHCT 333
either by the forward channel just described or by sending them together with an instance
of a service.

Transaction Encryption Device 603

Transaction Encryption Device (TED) 603 serves as a peripheral to Control Suite 607.
TED 603, under the direction of Control Suite 607, encrypts and makes sealed digests of
various conditional access system [...]. TED 603 may also
generate and store [...] (MSKs) which are used by SEES 620 to encrypt the control words in
the ECMs and to decrypt the control words in DHCTSE 627. TED 603 further uses the
MSKs to authenticate the global broadcast message class of conditional access system
messages. Authentication is done by hashing the contents of the message together with
some or all of the MSK. TED 603 decrypts and verifies the authenticity of Forwarded
Purchase Messages 421 sent from the DHCTs 333 as well as other messages sent using
the reverse path. TED 603 maintains the private keys of the CAA and the EA and
receives from the DNCS the public keys of the DHCTs from which it receives messages.
As will be explained in more detail below, TED 603 receives the public keys from a
source that confirms the authenticity of each key. TED 603 finally makes a sealed digest
for the EMMs using the private key of the CAA and EA as appropriate for the EMM.

Using the Conditional Access System to Support Services and Programs Executing
in DHCT 333 or Service Infrastructure 507

The conditional access system can be utilized to secure the provisioning of a service or to
provide security services to programs executing on DHCT 333 or programs in Control
Suite 607. Secure service provision does not require that the DHCT programs that
support the service be secure. The reason for this is that the following may be done only
by DHCTSE 627 in DHCT 333 or by a TED 603:

• generation of the MSK;
• storage of the MSK;
• storage of the keys needed to check sealed digests;
• storage of the entitlement information;
• encryption and/or decryption of EMMs;
• encryption or decryption of the control word;
• provisioning of the MSK to SEES module 607 and the decrypted control word
to service decryption module 625;
• making and checking digests with shared secrets;
• making and checking sealed digests;
• confirming that a DHCT 333 is entitled to receive a service.

A program executing on DHCT 333 or a program in control suite 607 has no access to
any of the information stored in DHCTSE 627 or TED 603 and can thus do nothing with
EMMs and ECMs beyond asking DHCTSE 627 or TED 603 to generate or interpret them.
For example, when DHCT 333 receives an EMM, it simply passes the EMM to DHCTSE
627 for processing; when it receives an ECM, it does the same; if the authorization

information contained in the ECM and stored in the DHCTSE 627 indicates that DHCT
333 is entitled to the service, DHCTSE 627 provides the decrypted control word to
service decryption module 625.

The conditional access system can also do security checking for programs generally. For
example, a program executing on DHCT 333 that requires downloaded information from
a server application may expect that a sealed digest was added to the information before it
was downloaded, and the program may use DHCTSE 627 to check the sealed digest and
determine whether the information is authentic, but it is up to the program to decide what
to do with the information when DHCTSE 627 indicates that it is not authentic.

Details of Messages in Conditional Access System

In conditional access system 601, the ECM, the EMM, the FPM, and the GBAM are all
different types of conditional access messages. The conditional access messages all have
a common format, namely a header, the message itself, and a message authentication
code, or MAC. The header contains:

• the type of the message: ECM [...] or something else;
• the length of the message;
• an identifier for the conditional access system;
• an identifier for the type of security algorithm used with the message,
including encryption of the message and authentication of its contents; and
• the length of the message content.

The header is followed by the encrypted message and the MAC, which, depending on the
message type, may be a sealed digest or a digest made with some or all of the MSK
together with the message.

In digital broadband delivery system 501, CA messages may travel either in a MPEG-2
data stream or in an IP packet, that is, a packet made according to the rules of the Internet
Protocol. Also, other transport protocols such as ATM may be used. In the preferred
embodiment, messages from control suite 607 to DHCT 333 may travel in MPEG-2 or IP
packets; messages from DHCT 333 to control suite 607 travel as IP packets on the reverse
path provided by QPSK demodulator 623 and LAN interconnect device 617. In general,
messages to DHCT 333 which are closely associated with particular instances of services,
such as ECMs and GBAMs, travel in the MPEG-2 data stream; EMMs may travel either
in the MPEG-2 transport stream or as IP packets via LAN interconnect device 617 and
QPSK modulator 621.

CA Messages in the MPEG-2 Transport Stream

FIG. 7 is a schematic representation of an MPEG-2 transport stream 701. An MPEG-2
transport stream is made up of a sequence of 188-byte-long transport packets 703. The
packets 703 in the stream carry information that, when combined at DHCT 333, defines
an instance of a service and the access rights of a given DHCT 333 to the service. There
are two broad categories of information: program 709, which is the information needed to
produce the actual pictures and sound, and program specific information (PSI) 711, which
is information concerning matters such as how the transport stream is to be sent across the
network, how the program 709 [...] is used to limit access to the
program 709. Each of these broad categories [...]
example, program 709 may include video [...] audio
information.

Each transport packet 703 has a packet identifier, or PID, and all of the packets 703 that
are carrying information for a given subcategory will have the same PID. Thus, in FIG. 7,
the packets carrying Video 1 all have PID (a), and the packets belonging to that
subcategory are identified by 705(a). Similarly, the packets carrying Audio 1 all have
PID (b), and the packets belonging to that category are identified by 705(b). A
subcategory of information can thus be identified by the PID of its packets. As shown at
output packets 707, the output from mux 704 is a sequence of contiguous individual
packets from the various subcategories. Any part or all of MPEG-2 transport stream 701
may be encrypted, except that packet headers and adaptation fields are never encrypted.
In the preferred embodiment, the sets of packets making up program 709 are encrypted
according to the DES algorithm, with the control word as a key.

Two of the subcategories are special: those identified by PID 0 (705(e)) and PID 1
(705(c)) list the PIDs of the other packets associated with [...] and thus can be
used to find all of the information associated with any service. The packets in PID 1
705(c) have as their contents a conditional access table 710, which lists the PIDs of other
packets that contain EMMs. One set of such packets appears as EMM packets 705(d), as
indicated by the arrow from CAT 710 to packet 705(d). Each packet 703 in packets
705(d) contains private information, that is, information which is private to conditional
access system 601. As will be explained in more detail below, private information 713,
for the purposes of this invention, is a sequence of CA messages, each of which contains
an EMM, and private information 719 is a sequence of messages, each of which contains

The packets in PID 0 705(e) contain a program association table which lists PIDs of
packets that are associated with a particular instance of a service. One such set of packets
is program maps packets 705(f), which contain a program map table 717 that lists,
amongst other things, the PIDs of transport packets 703 containing ECMs for the
program. One such set of packets is shown at 705(g). Each of the transport packets
contains private information 719, which in this case is a sequence of CA messages, each
of which contains an ECM.
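The table lookups described above can be followed mechanically. The Python below is an added example, not part of the patent text: it parses the standard MPEG-2 transport packet header and PSI sections, follows PID 0 and PID 1 to the PIDs that carry ECMs and EMMs by reading the CA_descriptor (tag 0x09) of the MPEG-2 systems standard, which the text above does not name, and records which PIDs are marked scrambled. The sample stream, its PIDs and the CA system ID 0x1234 are constructed for the example.

```python
import struct

TS_PACKET_LEN, SYNC_BYTE, CA_DESCRIPTOR_TAG = 188, 0x47, 0x09

def crc32_mpeg(data):
    """CRC-32 used by MPEG-2 PSI sections; a section including its CRC sums to 0."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte << 24
        for _ in range(8):
            crc = ((crc << 1) ^ 0x04C11DB7 if crc & 0x80000000 else crc << 1) & 0xFFFFFFFF
    return crc

def parse_packet(pkt):
    """Split one transport packet into (PID, payload_unit_start, scrambling, payload)."""
    if len(pkt) != TS_PACKET_LEN or pkt[0] != SYNC_BYTE:
        raise ValueError("not a 188-byte transport packet")
    pid = ((pkt[1] & 0x1F) << 8) | pkt[2]
    adaptation = (pkt[3] >> 4) & 0x3
    offset = 4 + (1 + pkt[4] if adaptation & 0x2 else 0)    # skip adaptation field
    payload = pkt[offset:] if adaptation & 0x1 else b""
    return pid, bool(pkt[1] & 0x40), pkt[3] >> 6, payload

def read_section(payload):
    """Return the PSI section that starts in this payload, after checking its CRC."""
    start = 1 + payload[0]                                  # pointer_field
    length = ((payload[start + 1] & 0x0F) << 8) | payload[start + 2]
    section = payload[start:start + 3 + length]
    if len(section) != 3 + length or crc32_mpeg(section) != 0:
        raise ValueError("truncated or corrupt PSI section")
    return section

def ca_pids(descriptors):
    """PIDs named by the CA_descriptors (tag 0x09) in a descriptor loop."""
    pids, i = [], 0
    while i + 2 <= len(descriptors):
        tag, size = descriptors[i], descriptors[i + 1]
        body = descriptors[i + 2:i + 2 + size]
        if tag == CA_DESCRIPTOR_TAG and len(body) >= 4:
            pids.append(struct.unpack(">H", body[2:4])[0] & 0x1FFF)
        i += 2 + size
    return pids

def locate_ca_streams(stream):
    """Follow PID 0 (PAT -> PMT) to the ECM PIDs and PID 1 (CAT) to the EMM PIDs."""
    first, scrambled = {}, set()
    for off in range(0, len(stream), TS_PACKET_LEN):
        pid, unit_start, scrambling, payload = parse_packet(stream[off:off + TS_PACKET_LEN])
        if scrambling:                                      # header stays readable
            scrambled.add(pid)
        if unit_start:
            first.setdefault(pid, payload)
    found = {"emm": [], "ecm": [], "scrambled": sorted(scrambled)}
    if 1 in first:
        found["emm"] = ca_pids(read_section(first[1])[8:-4])
    if 0 not in first:
        return found
    pat = read_section(first[0])
    for i in range(8, len(pat) - 4, 4):
        program, pmt_pid = struct.unpack(">HH", pat[i:i + 4])
        pmt_pid &= 0x1FFF
        if program == 0 or pmt_pid not in first:            # program 0 is the network PID
            continue
        pmt = read_section(first[pmt_pid])
        pos = 12 + (((pmt[10] & 0x0F) << 8) | pmt[11])
        found["ecm"] += ca_pids(pmt[12:pos])                # program-level descriptors
        while pos + 5 <= len(pmt) - 4:                      # per-stream descriptors
            end = pos + 5 + (((pmt[pos + 3] & 0x0F) << 8) | pmt[pos + 4])
            found["ecm"] += ca_pids(pmt[pos + 5:end])
            pos = end
    return found

# --- constructed sample stream (not captured traffic) ---
def make_section(table_id, id_field, body):
    length = 5 + len(body) + 4          # bytes after section_length, CRC included
    section = struct.pack(">BHHBBB", table_id, 0xB000 | length, id_field, 0xC1, 0, 0) + body
    return section + struct.pack(">I", crc32_mpeg(section))

def make_packet(pid, data, scrambled=False):
    header = struct.pack(">BHB", SYNC_BYTE, 0x4000 | pid, (0x80 if scrambled else 0) | 0x10)
    return header + (b"\x00" + data).ljust(TS_PACKET_LEN - 4, b"\xff")

def ca_descriptor(ca_pid, system_id=0x1234):
    return struct.pack(">BBHH", CA_DESCRIPTOR_TAG, 4, system_id, 0xE000 | ca_pid)

SAMPLE_STREAM = b"".join([
    make_packet(0x0000, make_section(0x00, 1, struct.pack(">HH", 1, 0xE100))),      # PAT
    make_packet(0x0001, make_section(0x01, 0xFFFF, ca_descriptor(0x0200))),         # CAT
    make_packet(0x0100, make_section(0x02, 1, struct.pack(">HH", 0xE101, 0xF006)    # PMT
                + ca_descriptor(0x0300) + struct.pack(">BHH", 0x02, 0xE101, 0xF000))),
    make_packet(0x0101, bytes(64), scrambled=True),         # video, marked scrambled
])

if __name__ == "__main__":
    print(locate_ca_streams(SAMPLE_STREAM))
```

The lookups succeed even though PID 0x0101 is marked scrambled, because only payloads are encrypted and the packet headers that carry the PID are not.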



FIG. 8 shows in detail how EMMs are carried in transport packets 703. The payload
space 719 in the packets carries data from a CA_PRIVATE_SECTION layer 803, which
in turn contains a sequence of CA messages 805, each of which contains an EMM 807.
In the sets of packets 705(g) carrying ECMs, the control words in the ECMs are encrypted
using the 3DES algorithm with the MSK as key; in the sets of packets 705(d) carrying
EMMs, the EMMs are encrypted using the public key of DHCT 333 for which they are
intended. As will be immediately apparent, the techniques can be employed
to transmit any CA message 805 as part of an MPEG-2 transport stream.

Mapping CA Messages into IP Protocol Packets

FIG. 9 shows how EMMs are mapped into the Internet Protocol (IP) packets used to
communicate between control suite 607 and DHCT 333 via LAN device 617 and QPSK
modulator 621 and demodulator 623. An IP packet 903 is a variable-length packet that
consists simply of a header and a payload. The header contains source and destination IP
addresses for the packet. With an EMM, the source address is the IP address of the CA or
EA, and the destination address is the IP address of DHCT 333. In the preferred
embodiment, the IP address of DHCT 333 is constructed using its serial number. The IP
addresses in DBDS 501 are partitioned by HFC node 523. The payload of the IP packet is
a packet 905 belonging to the User Datagram Protocol (UDP) which has as its payload a
CA_PRIVATE_SECTION 803, which in turn contains a sequence of CA messages 805,
each of which contains an EMM 807.

ECM Structure Details: FIG. 10

FIG. 10 shows details of the structure of an ECM 1008 and shows the mapping 1001 from
an ECM 1008 to a set 705(e) of MPEG-2 transport packets 703. As before, the data of a
CA_PRIVATE_SECTION 803 is carried in a set of MPEG-2 transport packets 703 with
the same PID. The data is a header 1003 for private section 803 and a sequence of CA
messages 805, each of which includes a CA message header 1005, a CA ECM message
1007, and an ECM MAC 1013. CA ECM message 1007 and ECM MAC 1013 together
make up ECM 1008.

FIG. 10 also shows how the control word is protected in ECM 1008 and how ECM MAC
1013 is produced. The control word is a random value that is either encrypted using
3DES encryption or created by encrypting a counter value using 3DES encryption, using
the MSK as the key. In either case, the preferred embodiment calls for an MSK which is
made up of two 56-bit DES keys, and the 3DES encryption operation is a sequence of
three DES operations: encryption using the first DES key, decryption using the second
DES key, and encryption using the first DES key. The control word, too, may have even
or odd parity. As shown at 1013, the odd control word (after suitable encryption)
becomes part of ECM_entitlement_unit_message 1011, and, in its non-encrypted form, is
used together with some or all of the MSK as input to the MD5 one-way hash function to
produce ECM MAC 1013. The same procedure is used with the even-parity control
word. The contents other than the control word of ECM_entitlement_unit_message 1011
will be examined in more detail later.

EMM Structure Details: FIG. 11

FIG. 11 shows a CA message 805 which contains an EMM 1112. CA message 805 has a
header 1003, a CA EMM message 1101, and a sealed digest 1103. CA EMM message
1101 consists of CA EMM message header 1105, EMM message 1107, and CRC error
detection code 1109. EMM message 1107 in its turn contains EMM header 1113 and
EMM_inside_data 1115. EMM_inside_data 1115 is encrypted using the public key of the
DHCT 333 for which it is intended. The data which is encrypted is EMM data 1129,
which in turn is made up of EMM_inside_header 1123 and EMM command_data 1125
together with padding 1127. EMM data 1129 is also input to the MD5 one-way hash
function to produce EMM MAC 1119, and sealed digest 1103 is made by encrypting
EMM_signing_header 1117, EMM MAC 1119, EMM_signing_header 1117, and padding
1123 with the private key of either an entitlement agent or a conditional access authority,
depending on what kind of EMM it is.

The EMM_signing_header is information from the EMM_inside_header. This
information is particularly sensitive and is consequently encrypted by both the public key
of DHCT 333, for privacy reasons, and the private key of the entitlement agent or the
conditional access authority, to apply a digital signature. Upon reception, and after the
privacy decryption, if the signature verification fails, the EMM is discarded by DHCT
333. Included in this information are an ID for the conditional access system, the type of
the CA message, the serial number of the microprocessor in the DHCT's DHCTSE 627,
an identifier for the CAA or EA which is the source of the EMM, an indication of which
of the three public keys for the CAA in DHCT 333's secure element is to be used to
decrypt the sealed digest, and an indication of the format of the EMM. The contents of
EMM command_data 1125 will be explained in more detail in the discussion of the
operations performed using EMMs.

Details of DHCTSE 627: FIGs. 12-14
DHCTSE 627 has five main functions in conditional access system 601:

• It securely stores keys including the public and private keys for DHCT 333,
public keys for the CAA, public keys for EAs from which DHCT 333 is
authorized to receive services, and MSKs provided by those EAs.
• It securely stores entitlement information sent by the EAs.
• It decrypts, authenticates, and responds to EMMs.
• It decrypts the control words in the ECMs, authenticates the ECMs, and when
DHCT 333 is authorized to receive the service instance to which the ECM
belongs, it provides the control word to service decryptor 625.
• It provides encryption, decryption, and authentication services to applications
running on DHCT 333.
DHCTSE 627 includes a microprocessor capable of performing DES, specialized
[...] a single tamper-proof [...]
such as a package that upon attempting to access the information [...] within the
information is destroyed. Only the components of DHCTSE 627 have access to the
information stored in the secure memory elements. Any attempt by a user to gain access
to any of the parts of DHCTSE 627 renders DHCTSE 627 unusable and its contents
unreadable. DHCTSE 627 may be an integral part of DHCT 333 or it may be contained
in a user-installable module such as a "smart card". The user "personalizes" the DHCT
333 by installing the module in it.

FIG. 12 provides an overview of DHCTSE 627. As shown, the
components of DHCTSE 627 are [...] 1205. Beginning with interface
1203 to the general purpose processor upon which applications execute in DHCT 333,
interface 1203 permits passage of data between the remainder of DHCT 333
and DHCTSE 627, but does not permit components in the remainder of DHCT 333 to
address and read the contents of secret values in memory in DHCTSE 627.

Microprocessor 1201 executes the code for doing encryption, decryption, and
authentication and interpreting EMMs and ECMs; RSA hardware 1217 is special
hardware performing the calculations involved with RSA encryption and decryption.
Memory 1207 contains the code executed by microprocessor 1201, the keys, and the
entitlement information. In a preferred embodiment, there are two kinds of physical
memory in memory 1207: ROM 1219, which is read-only memory whose contents are
fixed when DHCTSE 627 is manufactured, and non-volatile memory (NVM) 1209, which
can be read and written like normal random-access memory, but which retains its current
values when DHCTSE 627 is without power. Non-volatile memory 1209 is organized as
a set of non-volatile storage cells (NVSCs) 1211(0..n), as described in U.S. Patent
5,742,677, Pinder, et al., Information Terminal Having Reconfigurable Memory, filed 3
April 1995.

As will be explained in greater detail below, code executing in microprocessor 1201
dynamically allocates NVSCs 1211 to entitlement agents. In the preferred embodiment,
NVM 1209 is used for the storage of information which can be rewritten by means of
EMMs, and ROM 1219 is used for code which will not change during the life of
DHCTSE 627.

FIG. 13 is a schematic overview of the contents of memory 1207 in DHCTSE 627. The
memory is divided into two main parts: read-only storage 1301, which contains code and
other information that does not change as a result of the interpretation of EMMs, and
NVA storage 1303, which is non-volatile storage that changes as a result of the
interpretations of EMMs. RO storage 1301 contains code 1305.

Code 1305 falls into four categories: code 1307 for the encryption, decryption, and
authentication operations performed by DHCTSE 627, code for interpreting EMMs 1313,
code for interpreting ECMs 1321, and code for handling other CA messages such as the
FPM and the GBAM. Code 1307 includes code [...] for the MD5 one-way hash
algorithm, the code 1309 for the RSA public key algorithm, and the code 1311 for the
3DES algorithm. EMM code 1313 [...]
EMMs received from a conditional access authority, code 1317 which interprets EMMs
employed by the entitlement agents to configure the storage allocation they receive from
the CAA, and code 1319 which interprets EMMs containing MSKs and entitlements.
Code 1315, 1317 and 1319 thus implements EMM manager 407 in a preferred
embodiment. The code for interpreting ECMs 1321 decrypts the control word contained
in the ECM and checks whether DHCT 333 is permitted to access the instance of the
service that the ECM accompanies; if so, the code provides the decrypted control word to
service decryption module 625. The code for other CA messages 1323 deals with
messages such as the FPM and GBAM.

NVA storage 1303 has two main components: administrative storage 1330 and EA
storage 1331. Administrative storage 1330 contains DHCT keys 1325, CAA keys 1329,
and CAA data 1330. Beginning with DHCT keys 1325, each DHCT 333 has two
public-private key pairs. The public key of one of the pairs serves as the public key used to
encrypt EMMs sent to DHCT 333, and the private key is used in DHCT 333 to decrypt
the messages; the private key of the other of the pairs is used to encrypt the sealed digests
of messages sent by DHCT 333, and the public key is used by other network elements to
decrypt the sealed digests of messages received from DHCT 333. The pairs of keys are
installed in DHCTSE 627 when DHCTSE 627 is manufactured.

In a preferred embodiment, the manufacturer of DHCT 333 maintains a certified database
which has the serial number of each DHCT with the pair of public keys
belonging to it. When a CAA or EA wishes to begin sending EMMs to a DHCT 333, it
sends a message to control suite 607 with the serial number of the DHCT. Control suite
607 responds to the request by requesting the public key for the DHCT from a database
maintained by the manufacturer of DHCT 333. The database responds to the message by
sending control suite 607 certified copies of the public keys for the DHCT. The
manufacturer thus functions as the certification authority for the keys. Control suite 607
stores the public keys in a database of its own. For details on key certification, see
Schneier, supra, pages 425-428. Getting the public keys for the DHCT from the
manufacturer has two advantages: first, it solves the problem of certifying the keys;
second, because the public keys come from the manufacturer and not from DHCT 333,
there is no requirement in conditional access system 601 that DHCT 333 have a reverse
path to control suite 607.

CAA keys 1329 are public keys for the conditional access authority. In a preferred
embodiment, CAA keys 1329 include three public keys for the conditional access
authority. These keys are originally installed when DHCTSE 627 is manufactured, but
may be changed in response to EMMs, as will be explained in more detail below. CAA
data 1330 includes parameters used by the CAA in managing EA storage 1331, and maps
which map NVSCs belonging to particular entitlement agents to 8-bit names and thereby
permit the CAA and the entitlement agents to manipulate the NVSCs 1211 by name.

Entitlement agent 1331 has EA information 1331 for each entitlement agent from which
DHCT 333 containing DHCTSE 627 can obtain services. The CAA uses EMMs to
allocate NVSCs 1211 for an entitlement agent and the entitlement agent then uses EMMs
to set the contents of its entitlement [...]

FIG. 14 shows how NVSCs 1211 are organized into EA storage 1331 in a preferred
embodiment. There are two kinds of NVSCs 1211: "skinny" NVSCs, as shown at 1405,
[...] shown at 1409 [...]
NVSCs. The storage 1403, [...] CAA public keys, contains two
pointers: one, 1402, to a free list 1407 of unallocated skinny NVSCs and the other, 1404,
to an entitlement agent list 1406 of allocated fat NVSCs 1409. There is such a fat NVSC
1409(i) for each entitlement agent from which DHCT 333 may receive services. Each of
these NVSCs 1409(i) may also have a list 1411 of NVSCs, which may be skinny NVSCs
1405, fat NVSCs 1409, or a combination [...] NVSC 1409(i) and its list of
skinny NVSCs make up EA information 1333(i) for an EA. The fat NVSC 1409 is an EA
descriptor. As shown at 1333(i), the skinny NVSCs 1411 contain information for the
services provided by the entitlement agent such as an MSK for a service, a bit map of
entitlement information, and information needed for interactive services such as IPPV.

Control of NVA Storage 1303

In a preferred embodiment, allocation and deallocation of NVSCs 1211 may be
ultimately controlled by either the CAA or DHCTSE 627. When the CAA controls
allocation and deallocation, the CAA, usually representing the operator of DBDS 501,
negotiates with each of the entitlement agents and agrees on an allocation of the various
types of NVSCs for that entitlement agent. EA administrative code 1317 checks when it
is interpreting EMMs from an entitlement agent to ensure that the entitlement agent does
not use more NVSCs of each type than those allocated.

When DHCTSE 627 controls NVA storage 1303, the operator of the CAA negotiates with
each of the service providers and agrees on the allocation of storage needed for the
services provided. The CAA then sends an encrypted message to the entitlement agent.
The encrypted message contains the allocation based on data types, and the entitlement
agent prevents the service provider from asking for more resources than were negotiated.
If DHCTSE 627 nevertheless receives requests for storage area above what is available in
NVA 1303, it indicates to the user of DHCT 333 via the user interface that no more
storage is available and requests the user to either remove some service provider resources
or to rescind the request.



Details of Operations Specified by EMMs

In the following, examples of operations specified by EMMs will be given, beginning
with changing a CAA public key, continuing [...] in DHCTSE
627, and ending with providing entitlement information for broadcasts, events, and
interactive services. In the preferred embodiment, a single CAA controls the allocation of
EA storage 1331 to entitlement agents. In other embodiments, there may be more than
one CAA. There are two kinds of entitlement information: that for broadcast services and
that for interactive services. Storage for broadcast entitlements is more permanent than
that for interactive entitlements.



The amount of memory 1207 in DHCTSE 627 is limited. The CAA manages this scarce
resource and allocates it to the entitlement agents from which DHCT 333 receives
services. Different EAs may have different amounts of storage area allocated, depending
on their needs. Once an EA has received an allocation from the CAA, the EA may
configure the storage area within limits defined by the CAA. Different EAs may have
different limits and different types of limits. At one extreme, the CAA only restricts the
total number of NVSCs 1211 that an EA may have in its EA information 1333; the CAA
may impose tighter restrictions by limiting the types of NVSCs 1211 and/or the number
of each type. In this way, the CAA can prevent the EA from offering specific kinds of
services and can limit the amount of such services offered, i.e., the amount of time that
such services are offered.

When a CAA allocates fat and skinny NVSCs 1211 for an EA, it gives each allocated
NVSC 1211 a "name", i.e., each NVSC 1211 has an identifier such as an 8-bit identifier,
that the CAA associates with the EA for which it has allocated the NVSCs 1211. The
CAA and the EA use the name for the NVSC 1211 to refer to it in EMMs that manipulate
the NVSC. An NVSC's name need not have anything to do with its physical location in
NVM 1209. Since the name space is 8 bits wide, the names are assigned using a 256-bit
map. If an entitlement agent has the name of an NVSC, it may make the NVSC into any
type of NVSC as long as the type is one that is permitted for the EA and as long as the
total number of NVSCs of the type belonging to the EA does not exceed the limit set by
the CAA that authorized the EA.

Once the CAA has allocated the EA storage area in the DHCTSE, it is up to the EA to
configure the storage area. The first step is to load certain parameters such as a PIN into a
descriptor for the EA. The second step is to determine which types of NVSCs are to be
used for the protected services to be offered. The names allocated by the CAA are then
distributed among the various types of NVSCs. Lastly, each NVSC is loaded by sending
the appropriate EMM.



Addressing EMMs

In the conditional access layer, EMMs are addressed to a specific DHCTSE 627, indexed
by CAA or EA. This indexing is taken care of in EMM header 1113, which includes a
unique identifier for the CAA or EA that is the source of the EMM and that therefore is
associated with the private key used to make the EMM's sealed digest. The EMM header
also includes the serial number for DHCTSE 627. The DHCTSE 627 responds only to
those EMMs that include its serial number. When a CAA is the source of the EMM, there
is also a value in the header indicating which of the CAA public keys is the public key for
the source of the message. Conditional access messages may be transported in other data
protocols, which may include other addressing mechanisms.

DHCTSE 627 ignores EMMs that are addressed to a CAA or EA that is not "known" by
DHCTSE 627 (i.e., EMMs for which there is no CAA corresponding to the CAAID or EA
that corresponds to the EAID). As will be explained in more detail below, information
about individual entitlements is contained in NVSCs 1211 for the entitlements. Each of
these NVSCs has a type, and an EA may change the type or contents of an NVSC 1211
by sending an EMM which specifies the name of the NVSC 1211 to be altered. DHCTSE
627 will alter the NVSC 1211 as indicated in the EMM unless the entitlement agent does
not have an NVSC with that name or the change violates a constraint set by the CAA. In
those cases, the EMM is ignored by DHCTSE 627. Conditional access system 601 does
not require that digital broadband delivery system 501 have a reverse path, or, if one
exists, that any bandwidth on the reverse path be available to the EMM conditional access
function. Consequently, DHCT 333 does not return any acknowledgment, confirmation,
or error messages in response to an EMM. Therefore, the CAA or EA that is the source
of an EMM should track the allocations of NVSCs 1211 and send only EMMs that
request legal operations. In other embodiments, a reverse path may be required and for
these embodiments, the reverse path can be used for acknowledgment
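Because rejected EMMs are dropped without any reply, the sender has to apply the same rules as the receiver before transmitting. The Python below is an added example, not from the patent: it models the receiver's checks (known EA, name held by that EA, type permitted and within its limit) and a sender-side ledger that mirrors them. The type names, EAID values and per-type limits are hypothetical.

```python
class SecureElementStorage:
    """Receiver-side rules for NVSC changes; a rejected EMM is dropped without a reply."""

    def __init__(self):
        self.agents = {}                # EAID -> limits and named cells

    def caa_allocate(self, eaid, names, limits):
        """CAA EMM: grant an EA a set of 8-bit NVSC names and per-type maxima."""
        if all(0 <= n <= 0xFF for n in names):
            self.agents[eaid] = {"limits": dict(limits), "cells": {n: None for n in names}}

    def ea_emm(self, eaid, name, cell_type, contents):
        """EA EMM: set the type and contents of one named NVSC. Nothing is returned."""
        agent = self.agents.get(eaid)
        if agent is None or name not in agent["cells"]:
            return                      # unknown EA, or a name this EA does not hold
        others = sum(1 for n, cell in agent["cells"].items()
                     if n != name and cell and cell[0] == cell_type)
        if others >= agent["limits"].get(cell_type, 0):
            return                      # type not permitted, or its limit is reached
        agent["cells"][name] = (cell_type, contents)


class EntitlementAgentLedger:
    """Sender-side mirror of the same rules, needed because no EMM is acknowledged."""

    def __init__(self, eaid, names, limits):
        self.eaid, self.limits = eaid, dict(limits)
        self.cells = {n: None for n in names}

    def refusal(self, name, cell_type):
        """Reason the element would ignore this change, or None if it is legal."""
        if name not in self.cells:
            return "name not allocated to this EA"
        others = sum(1 for n, t in self.cells.items() if n != name and t == cell_type)
        if others >= self.limits.get(cell_type, 0):
            return "type not permitted or limit reached"
        return None

    def send(self, element, name, cell_type, contents):
        """Send only legal EMMs; return the reason when one is withheld."""
        reason = self.refusal(name, cell_type)
        if reason is None:
            element.ea_emm(self.eaid, name, cell_type, contents)
            self.cells[name] = cell_type
        return reason


def demo():
    limits = {"msk": 1, "entitlement_bitmap": 2}        # hypothetical type names
    element = SecureElementStorage()
    element.caa_allocate(0x21, [1, 2, 3], limits)
    # An EA that does not track its allocation: three of these four are silently dropped.
    element.ea_emm(0x21, 1, "msk", b"key-A")
    element.ea_emm(0x21, 2, "msk", b"key-B")            # second MSK cell exceeds the limit
    element.ea_emm(0x21, 9, "entitlement_bitmap", b"\x01")   # name 9 was never allocated
    element.ea_emm(0x99, 1, "msk", b"key-C")            # EAID 0x99 is not known
    blind = dict(element.agents[0x21]["cells"])
    # The same kind of requests through a ledger: illegal ones are caught before sending.
    element = SecureElementStorage()
    element.caa_allocate(0x21, [1, 2, 3], limits)
    ledger = EntitlementAgentLedger(0x21, [1, 2, 3], limits)
    reasons = [ledger.send(element, 1, "msk", b"key-A"),
               ledger.send(element, 2, "msk", b"key-B"),
               ledger.send(element, 2, "entitlement_bitmap", b"\x01"),
               ledger.send(element, 9, "entitlement_bitmap", b"\x01")]
    held = {n: (c[0] if c else None) for n, c in element.agents[0x21]["cells"].items()}
    return blind, reasons, held == ledger.cells


if __name__ == "__main__":
    print(demo())
```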

Changing a CAA 

As previously indicated, a CAA is represented in DHCTSE 627 by its public key. Three
public keys for the CAA are installed in DHCTSE 627 when it is manufactured. A need
may occasionally arise to change the CAA of DHCTSE 627. One circumstance under
which such a need would arise would be if the private key for the CAA had been
compromised; another would be if a new entity has taken over the function of authorizing
entitlement agents. That might happen, for example, as a consequence of the sale of all or
part of DBDS 501.

Any one of the public keys for a CAA can be replaced by means of a sequence of two
EMMs, the first of which has a sealed digest encrypted with the private key
corresponding to a first one of the other two public keys, and the second of which has a
sealed digest encrypted with the private key corresponding to the second one of the other
two private keys. Each of the two EMMs contains an identifier, the CAAID, for the new




CAA, a key select value indicating which of the three CAA public keys is to be replaced,
and the public key for the new CAA. After the first EMM is successfully authenticated
by DHCTSE 627 by verifying the digital signature applied by the first CAA key,
DHCTSE 627 computes a MD5 hash of the new CAA public key in this first EMM and
stores it. After the second EMM is successfully authenticated by the DHCTSE by
verifying the digital signature applied by the second CAA key, the DHCTSE computes an
MD5 hash of the new CAA public key included in this second EMM. This second hash is
compared with the first. If the hashes are identical, the new CAA public key and CAAID
are substituted for the public key and CAAID of the CAA specified by the key select
value. A single CAA public key must not be changed twice without one of the other two
CAA public keys being changed in between.
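The two-EMM replacement described above, modelled as an added Python example (not code from the patent). The sealed digest is an MD5 digest encrypted with textbook RSA, and the toy keys are built from known Mersenne primes so the block runs with the standard library only. The EMM field layout, the CAAID comparison and the handling of a non-matching second EMM are assumptions.

```python
import hashlib
import hmac

E = 65537  # public exponent shared by the toy keys

def toy_keypair(p, q):
    """Textbook RSA from two known primes: (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def md5_int(data):
    return int.from_bytes(hashlib.md5(data).digest(), "big")

def seal(data, n, d):
    """Sealed digest: the MD5 digest of the data encrypted with a private key."""
    return pow(md5_int(data), d, n)

def seal_ok(data, sealed, n):
    """Decrypt the sealed digest with the public key and compare with a fresh MD5."""
    return pow(sealed, E, n) == md5_int(data)

def key_bytes(n):
    return n.to_bytes((n.bit_length() + 7) // 8, "big")

def signed_part(emm):
    """Bytes covered by the sealed digest (this layout is an assumption)."""
    return (bytes([emm["key_select"]]) + emm["caaid"].to_bytes(2, "big")
            + key_bytes(emm["new_key"]))

def make_emm(key_select, caaid, new_key, signer, n, d):
    """Head-end side: build a key-replacement EMM sealed with CAA key slot `signer`."""
    emm = {"key_select": key_select, "caaid": caaid, "new_key": new_key, "signer": signer}
    emm["sealed"] = seal(signed_part(emm), n, d)
    return emm

class SecureElement:
    """Receiver side of the two-EMM replacement of one of three CAA public keys."""

    def __init__(self, caa_slots):
        self.caa = list(caa_slots)      # three (CAAID, public modulus) entries
        self.pending = None             # state left by an authenticated first EMM

    def receive(self, emm):
        """Return True only when a key is substituted; rejected EMMs are just ignored."""
        select, signer = emm["key_select"], emm["signer"]
        if select not in range(3) or signer not in range(3) or signer == select:
            return False                # a key cannot vouch for its own replacement
        if not seal_ok(signed_part(emm), emm["sealed"], self.caa[signer][1]):
            return False
        digest = hashlib.md5(key_bytes(emm["new_key"])).digest()
        first = self.pending
        if (first and first["select"] == select and first["signer"] != signer
                and first["caaid"] == emm["caaid"]       # CAAID match: added check
                and hmac.compare_digest(first["digest"], digest)):
            self.caa[select] = (emm["caaid"], emm["new_key"])
            self.pending = None
            return True
        # Assumption: any other authenticated EMM starts a new pending replacement.
        self.pending = {"select": select, "signer": signer,
                        "caaid": emm["caaid"], "digest": digest}
        return False

def mersenne(k):
    return 2 ** k - 1                   # prime for k = 61, 89, 107, 127, 521, 607

# Constructed toy keys: far too structured for real use, fine for exercising the logic.
KEYS = [toy_keypair(mersenne(61), mersenne(89)),
        toy_keypair(mersenne(107), mersenne(127)),
        toy_keypair(mersenne(521), mersenne(607))]
NEW_KEY = toy_keypair(mersenne(89), mersenne(107))[0]

def fresh_element():
    return SecureElement([(0xA0 + i, n) for i, (n, _) in enumerate(KEYS)])

def run_scenarios():
    out = {}
    se = fresh_element()                # both other keys vouch for the same new key
    out["rollover"] = [se.receive(make_emm(0, 0xB0, NEW_KEY, s, *KEYS[s])) for s in (1, 2)]
    out["slot0_after"] = se.caa[0] == (0xB0, NEW_KEY)
    se = fresh_element()                # holder of private key 1 alone repeats its EMM
    out["one_key"] = [se.receive(make_emm(0, 0xB0, NEW_KEY, 1, *KEYS[1])) for _ in range(2)]
    se = fresh_element()                # the two EMMs disagree about the new key
    se.receive(make_emm(0, 0xB0, NEW_KEY, 1, *KEYS[1]))
    out["mismatch"] = se.receive(make_emm(0, 0xB0, NEW_KEY + 2, 2, *KEYS[2]))
    se = fresh_element()                # slot 0 sealing its own replacement
    out["self_signed"] = se.receive(make_emm(0, 0xB0, NEW_KEY, 0, *KEYS[0]))
    out["untouched"] = se.caa[0][0] == 0xA0 and se.pending is None
    return out

if __name__ == "__main__":
    print(run_scenarios())
```

Only the first scenario changes slot 0, which is the property the scheme provides: possession of a single CAA private key is not enough to replace any of the three public keys.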

Dynamically Adding and Removing Entitlement Agents in DHCTSE
627: FIG. 15



When a CAA authorizes a DHCT 333 to receive services from an entitlement agent, it
does so by sending a sequence of EMMs that create an entitlement agent descriptor EAD
1409 for the new entitlement agent. FIG. 15 shows a detailed view of an EAD 1409(i) as
created by the CAA EMMs. Header 1502 is common to all NVSCs 1211. Cell status
1501 indicates whether the NVSC 1211 is allocated. Cell type 1503 indicates what kind
of data it contains; with an EAD 1409, cell type 1503 indicates that the cell is a "fat"
NVSC. Cell name 1505 is the 8-bit name that the CAA gives the cell when it allocates it.
The names are per-EA. That is, the EA information 1333 for an EA may include up to
255 NVSCs. Next element 1507 is a pointer to the next element in the list to which the
NVSC belongs. Thus, in an unallocated NVSC, it is a pointer to the next NVSC in free
list 1407; in an EAD 1409, it is a pointer to the next element in EAD list 1406, and in a
skinny NVSC that is part of a list 1411, it is the next skinny NVSC in that list. Next
element 1507 is set in response to whatever EMM causes the list to be manipulated.

The remaining fields are particular to EADs 1409. The fields labeled 1506 in FIG. 15 are
all set by EMMs from the CAA. EAID 1509 is an identifier for the entitlement agent to
which EAD 1409 belongs; in the preferred embodiment, EAID 1509 is used to locate
EAD 1409 for a given entitlement agent. CAA flags 1511 are [...]
(1) the classes of service to which the entitlement agent can grant access and (2) whether
the public key for the entitlement agent is [...]. First skinny NVSC
1513 is a pointer to skinny NVSC list 1411 belonging to EA information 1333 to which
EAD 1409 belongs. EA maximums 1515 define the maximum amounts of services for
the EA to which EA information 1333 belongs. The last field 1506 set by the CAA is EA
public key 1527, which is the public key for the EA to which EA information 1333
belongs.

The fields in EA fields 1516 contain information that is associated with the customer to
whom DHCT 333 belongs. The fields are set by an EMM received from the EA after
EAD 1409 has been allocated and fields 1506 have been set. DHCT flags 1517 include
flags indicative of the services provided by the EA that this specific DHCT 333 is
presently entitled to receive. Stored credit limit field 1519 is used with instances of
impulse services, i.e., instances of services that need not be purchased in advance. Stored
credit limit field 1519 indicates the maximum amount of a service that an interactive
customer can use without authorization from the EA. As will be explained in detail
below, authorization is obtained by sending an FPM to the EA and receiving a confirming
EMM from the EA. X coordinate 1521 and Y coordinate 1523 define a location of
DHCT 333 in a coordinate system (to be explained more fully later) established by the
entitlement agent. The coordinate system may be geographic and may, for example, be
used to determine whether the DHCT 333 is in an area which is to be blacked out in a
broadcast. The coordinate system may also be used generally to define subsets of an
EA's customers. For instance, the X coordinate and Y coordinate could be used to define
customers who do not wish to receive movies that have ratings other than G or PG-13.
The PIN is a multi-character code that the customer for the DHCT uses to identify himself
or herself to the entitlement agent.

The EMMs that the CAA sends to set up EA information 1333 for an EA are the
following:

• Set EA Allocation Name Map
• Set EA Maximum Allocations
• Update Entitlement Agent Public Key

EMM header 1113 in all of these EMMs contains a CAAID for the CAA, and all of the
EMMs have a sealed digest that has been encrypted with the CAA's private key. The
CAA may use these EMMs not only to set up EA information 1333, but also to modify
already existing EA information 1333 for an EA and to remove EA information 1333 for
an EA. When the latter has been done, DHCTSE 627 will no longer respond to EMMs or
ECMs from the entitlement agent.

Set EA Allocation Name Map

The Set EA Allocation Name Map EMM contains an EAID, which uniquely identifies the
EA for which the EA information 1333 is being created or modified, and a name map.
The map has a bit for each name; when the CAA has allocated a NVSC for the EA, the bit
corresponding to the NVSC's name is set. CAA EMM code 1315 responds to this EMM
by allocating the NVSCs required for EA information 1333, mapping the names for the
EAID to the physical locations of NVSCs, making list 1411 and setting first NVSC flag
1513 to point to it, adding the new EA Descriptor 1409 to the head of EA list 1406 and
setting next element pointer 1507 accordingly, and filling out header fields 1502 and
EAID field 1509.

CAA EMM code 1315 stores the current name map for the EA in CAA data 1330 and
consequently can compare the name map in a newly-received Set EA Allocation Name
Map EMM with the current name map. If a name is specified in both name maps, the Set
EA Allocation Name Map command does not affect the NVSC 1211 with the name. If
the name map in the EMM specifies a name that was not in the current name map, an
NVSC 1211 corresponding to that name is added to list 1411. If the name map in the
EMM no longer specifies a name that was previously allocated to the entitlement agent,
the NVSC 1211 corresponding to that name is returned to free list 1407. After this is
done, the name map in the EMM becomes the current name map.

Typically, an entitlement agent and a conditional access authority will cooperate in
determining how large list 1411 should be. For example, if an entitlement agent needs
less space, it will send a message to that effect to the CAA, the message will contain the
names of the NVSCs 1211 that the entitlement agent wishes to have removed, and the
name map in the EMM sent by the CAA will specify only the names of the NVSCs 1211
that the entitlement agent wishes to keep. It may, however, happen that the entitlement
agent is not cooperative or that the conditional access authority must reduce the size of
list 1411 for the entitlement agent before it receives a message from the entitlement agent.
In that case, the CAA may remove NVSCs 1211 from list 1411 by the value of the name,
beginning with the name with the highest numeric value, continuing with the next highest,
and so on, until the required number of NVSCs 1211 have been removed.

The CAA can also use the Set EA Allocation Name Map EMM to remove EA
information for an EA from DHCTSE 627. When the EMM is used in this fashion, none
of the bits in the name map are set. CAA EMM code 1315 responds by returning all of
the NVSCs in the EA information 1333 and EA Descriptor 1409(i) for the EA identified
by the EAID in the EMM to free list 1407 and re-linking EA list 1406 as required.
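The name-map handling described in this section, as an added sketch that is not code from the patent: it reconciles a new name map against the current one, removes an EA when no bits are set, and shows the CAA-side unilateral shrink by highest name value. The class and function names, the mapping of bit n to name n, names running from 1 to 255, and the wipe of a cell when it returns to the free list are assumptions.

```python
def names_to_map(names):
    """Name map as an int: bit n set means the NVSC named n is allocated."""
    name_map = 0
    for n in names:
        if not 1 <= n <= 255:               # 8-bit names, up to 255 per EA
            raise ValueError("NVSC name out of range")
        name_map |= 1 << n
    return name_map

def shrink_unilaterally(name_map, remove_count):
    """CAA side: drop NVSCs by name value, highest numeric name first."""
    for n in range(255, 0, -1):
        if remove_count and (name_map >> n) & 1:
            name_map &= ~(1 << n)
            remove_count -= 1
    return name_map

class SecureElementStore:
    def __init__(self, cell_count):
        self.content = [None] * cell_count   # payload of each physical NVSC
        self.free = list(range(cell_count))  # free list 1407
        self.ea = {}                         # EAID -> {"ead": cell, "names": {name: cell}}

    def _release(self, cell):
        self.content[cell] = None            # wipe on free: this sketch's choice
        self.free.append(cell)

    def set_name_map(self, eaid, name_map):
        """Apply a Set EA Allocation Name Map EMM that has already been authenticated."""
        wanted = {n for n in range(1, 256) if (name_map >> n) & 1}
        entry = self.ea.get(eaid)
        have = set(entry["names"]) if entry else set()
        added, freed = sorted(wanted - have), sorted(have - wanted)
        if not wanted:                       # no bits set: remove the EA entirely
            if entry:
                for cell in entry["names"].values():
                    self._release(cell)
                self._release(entry["ead"])
                del self.ea[eaid]
            return {"added": [], "freed": freed, "kept": []}
        need = len(added) + (0 if entry else 1)   # a new EA also needs its EAD
        if need > len(self.free) + len(freed):
            raise MemoryError("not enough free NVSCs; current name map kept")
        if entry is None:
            entry = self.ea[eaid] = {"ead": self.free.pop(0), "names": {}}
        for name in freed:                   # names dropped from the map
            self._release(entry["names"].pop(name))
        for name in added:                   # names new in the map
            entry["names"][name] = self.free.pop(0)
        return {"added": added, "freed": freed, "kept": sorted(wanted & have)}

    def write(self, eaid, name, data):
        self.content[self.ea[eaid]["names"][name]] = data

    def read(self, eaid, name):
        return self.content[self.ea[eaid]["names"][name]]
```

Cells named in both maps keep their contents, which is why the EA can be resized without re-sending its surviving entitlements.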

Set EA Maximum Allocations

The Set EA Maximum Allocations EMM contains the EAID for the EA having the
entitlement information 1333 that is being created or modified and also contains values
for fields 1511 and 1515 of EAD 1409. CAA EMM code [...] EMM by
reading down EA list 1406 [...] in
the EMM and then setting fields 1511 and 1515 of EAD 1409 using the values in the
EMM. When an entitlement agent sends an EMM to DHCTSE 627 that establishes
entitlement information of a certain type, for example, for an event, the code that
interprets the EMM checks the EA maximum allocations to determine whether the
maximum number [...] has been exceeded. In the preferred
embodiment, entitlements are represented by NVSCs. Consequently, what is limited is
the number of NVSCs of a given type in list 1411.

Update Entitlement Agent Public Key

The Update Entitlement Agent Public Key EMM contains the EAID for the EA having
the entitlement information that is being created or modified and the EA's public key.
CAA EMM code 1315 responds to this EMM by locating EA descriptor 1409 as
described above and setting field 1527 from the public key in the EMM. With the EA's
public key in place, DHCTSE 627 can then use the signed digests of the EMMs to verify
that they are from the EA. This verification is possible since the EA uses the private key
corresponding to the updated public key to perform the signing operation.

EA EMMs that Modify Entitlement Information 1333 

The EA EMMs that modify entitlement information have sealed digests that are encrypted
using the EA's private key. The EMMs fall into two groups: EMMs that modify EA
fields 1516 of EAD 1409 and EMMs that modify contents of the NVSCs making up list
1411. As set forth with regard to EAD 1409, each NVSC has a name, and each NVSC in
list 1411 has a type. An NVSC is named by the CAA, as described above, and its name
cannot be changed by the entitlement agent. The entitlement agent can, however, change
the type and contents of a NVSC, subject only to the maximums for the types established
in EAD 1409 for the EA. It is up to the entitlement agent to keep track of the types and
contents of the NVSCs in EA information 1333.

The EMM that modifies EA fields 1516 of EAD 1409 is the Update Entitlement Agent
Properties EMM. The second group of EMMs is further subdivided according to the
kinds of entitlements they provide. There are two broad families of entitlements:
broadcast entitlements for non-interactive services and interactive entitlements for
interactive sessions. Within the broadcast entitlements, there are further event
entitlements for events that the user pays for individually, as is the case with pay-per-view
events, interactive pay-per-view events, and near video-on-demand events. The
non-event broadcast EMMs include:

• Update MSK
• Update Digital Bit Map
• Update Digital List
• Update Analog MSK and Bit Map
• Update Analog MSK and List
• Update Analog Bit Map
• Update Analog List

The broadcast EMMs for events include

• New Event Storage
• Add/Remove PPV Event
• Acknowledge IPPV/NVOD Event

The EMMs for interactive sessions include

• New Interactive Session Storage
• Add Interactive Session
• Remove Interactive Session

As can be seen from the names of the EMMs, the EA can change the type of the named
NVSCs allocated by the CAA as needed for events and interactive sessions, subject only
to the maximums specified in EAD 1409.

There are separate CAA EMMs for allocating NVSCs, setting limits on types of NVSCs,
and assigning a public key to an entitlement agent. Also, the EA EMMs for writing
NVSCs 1211 do so by name and can change the NVSC 1211 type as well as its content.
Therefore, access control system 601 has a high degree of control and flexibility. A CAA
may dynamically constrain the total number of entitlements that an entitlement agent may
give, the types of entitlements, and the number of entitlements of each kind as required.
The CAA may also change the constraints either in part or as a whole, and can do so
either in cooperation with the entitlement agent or unilaterally. Within the constraints
imposed by the CAA, however, the entitlement agent is free to dynamically manage its
own entitlements, changing not only entitlements of a given type, but even changing the
types themselves.

Update Entitlement Agent Properties

This EMM contains the values for EA fields 1516 of EAD 1409. EA administration
EMM code 1317 reads EMM header 1113 to get the EAID for the EA to which the EMM
is directed and simply sets fields 1516 in EAD 1409 for the EA from the EMM.

Non-Event Broadcast EMMs

Of the non-event broadcast EMMs, four types [...]. These are Update
MSK, Update Bit Map, Update List, and update combinations with MSK and list or
bitmap. Those skilled in the art will be able to easily apply the principles explained
below to EMMs that perform the functions indicated by the names of the other non-event
broadcast EMMs. For example, the principles of digital EMMs can be applied to analog
EMMs. There is a separate type of NVSC 1405 for each information type provided by
the above non-event broadcast EMMs. FIG. 16 shows the contents of four of these types
of NVSCs. Each NVSC type will [...]
information it contains.

Update MSK 

The Update MSK EMM is used to send a new MSK for a set of services provided by the
EA specified by the EMM. The new MSK and other information associated with the
MSK are stored in MSK NVSC 1601 in list 1411 for EA information 1333 belonging to
the EA specified by the EMM. Included in MSK NVSC 1601 is header 1502. Header
1502 specifies that NVSC 1601 is a MSK NVSC, [...]
next element pointer 1507 to the next element in list 1411. The other fields contain
information about the MSK. In the preferred embodiment, MSK 1608 has two 128-bit
parts: the even MSK 1609 and the odd MSK 1611. Each part has two halves, i.e., a first
half and second half, each of which has 56 key bits and 8 unused parity bits. The MSK
1608 is associated with a pair identifier 1603 for MSK 1608, an expiration date 1605 for
MSK 1608, and a flag 1607 indicating whether the expiration date 1605 should
be ignored. If the expiration date 1605 is not to be ignored, DHCTSE 627 will not use
MSK 1608 to decrypt a control word after the expiration date. The identifier 1603 is
per-EA, and consequently, a given EA may have one or more MSK NVSCs 1601 at any given
time to store a plurality of different MSKs. Thus, conditional access system 601 not only
permits separate security partitions for each EA, but also permits security partitions
within an EA.

The Update MSK EMM header contains the EAID needed to locate EA information 1333
for the EA; the message contains the name of the NVSC that is to receive the MSK, a
MSK pair selector which specifies a MSK pair ID for the MSK to be updated, a set of
flags permitting the EA to selectively change MSK pair ID 1603, expiration date 1605, no
expiration date 1607, and either half of MSK 1608, and the information needed to make
the changes. At a maximum, the EMM contains a value for MSK pair ID 1603, a value
for expiration date 1605, a value for no expiration date 1607, and values for even MSK
1609 and odd MSK 1611. EA MSK code [...] processes the Update MSK EMM by
locating EA information 1333 for the EA identified by the EMM header's EAID, using
the cell name to locate the proper NVSC, giving that NVSC the MSK type, and then
writing to the MSK NVSC 1601 as required by the flags and the information in the EMM.
This procedure is the same for both analog and digital Update MSK EMMs. The
differences are in the EMM command code in EMM Header 1123 and NVSC type 1503.

Entitlement Identifiers

As will be explained in more detail below, an ECM specifies the service instance that it
accompanies by means of (1) the EAID for the entitlement agent that is the source of the
ECM and (2) a 32-bit entitlement ID for the instance. Entitlement IDs are per-EA. By
making the entitlement IDs 32 bits long, each EA will have enough entitlement IDs even
for transient services such as pay-per-view events and interactive services. In the
preferred embodiment, when DHCTSE 627 interprets an ECM, it checks whether DHCT
333 is entitled to decrypt the instance by looking in EA information 1333 for the EA
specified in the ECM for an entitlement ID that corresponds to the entitlement ID
specified in the ECM. The entitlement IDs in the ECM and in EA information 1333 can
be represented in at least two ways. One way is by simply listing entitlement IDs. The
drawback with this technique is that the 32-bit entitlement IDs are large, and NVSCs are a
scarce resource. The other way is by means of a starting entitlement ID value and a bit
map. Any entitlement ID having a value within 255 of the entitlement ID value specified
by the starting entitlement ID value can be specified by setting a bit in the bit map. This
technique is set forth in the Banker and Akins patent application supra. See particularly
FIG. 2 of the Banker and Akins patent application and the discussion of that figure. The
following discussion of specifying entitlement IDs by means of a starting ID and a bit
map is an expansion of the discussion in that patent application.

Update Bit Map EMM

This EMM updates a bit map that specifies one or more entitlement IDs. The bit map is
stored in an entitlement bit map NVSC 1613. NVSC 1613 has a header 1502 with the
cell number and type of the NVSC; a first entitlement ID 1615, which is the first
entitlement ID which may be specified by the bit map; an expiration date 1617, which
specifies when the entitlement IDs specified by first entitlement ID 1615 and the bit map
expire; a no expiration date flag 1619, which indicates whether there is in fact an
expiration date; and bit map 1621. The update bitmap EMM contains the cell name for
the NVSC 1613 to be set, a set of flags which indicate the information in NVSC 1613 that
is to be set by the EMM, and the values for the information. The EMM may set any or all
of first entitlement ID 1615, expiration date 1617, no expiration date 1619, and bit map
1621. EA administrative EMM code 1317 responds by setting the fields of
the specified NVSC 1613 as indicated in the EMM. The procedure is the same for both
Update Digital Bit Map and Update Analog Bit Map EMMs. The differences are in the
EMM command code in EMM Header 1123 and NVSC type 1503.

Update List EMM

The Update List EMM updates a list of entitlement IDs that is contained in an entitlement
list NVSC 1623. NVSC 1623 has a header 1502 with the cell name and type for the
NVSC and contains up to six entitlement ID elements 1625. Each of the elements
contains an entitlement ID 1627, an expiration date 1629 for the entitlement ID, and a flag
1631 indicating whether the entitlement ID has an expiration date. The update list EMM
contains the cell name for the NVSC, a value for the flag, an expiration date, and values
for up to six entitlement ID elements 1625. This procedure is the same for both Update
Digital List and Update Analog List EMMs. The differences are in the EMM command
code in EMM Header 1123 and NVSC type 1503.
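The two entitlement ID representations from the Entitlement Identifiers, Update Bit Map and Update List sections, as an added sketch that is not code from the patent. It checks an ECM's entitlement ID against both NVSC types and counts how many cells each representation needs for the same set of IDs. The class and function names, the bit ordering (bit i stands for first ID + i) and treating an entitlement as valid through its expiration date are assumptions.

```python
from dataclasses import dataclass
from datetime import date

@dataclass
class BitMapNvsc:                 # entitlement bit map NVSC 1613
    first_id: int                 # first entitlement ID 1615
    bit_map: int                  # bit map 1621; bit i <-> first_id + i (assumed order)
    expires: date                 # expiration date 1617
    no_expiration: bool = False   # no expiration date flag 1619

    def grants(self, eid, today):
        offset = eid - self.first_id
        if not 0 <= offset <= 255 or not (self.bit_map >> offset) & 1:
            return False
        return self.no_expiration or today <= self.expires

@dataclass
class ListNvsc:                   # entitlement list NVSC 1623
    elements: list                # up to six (entitlement ID, expires, no_expiration)

    def __post_init__(self):
        if len(self.elements) > 6:
            raise ValueError("a list NVSC holds at most six entitlement IDs")

    def grants(self, eid, today):
        return any(e == eid and (no_exp or today <= exp)
                   for e, exp, no_exp in self.elements)

def is_entitled(ea_information, eaid, eid, today):
    """ECM check: look only in the EA information of the EA named in the ECM."""
    if not 0 <= eid < 2**32:
        return False
    return any(cell.grants(eid, today) for cell in ea_information.get(eaid, []))

def bitmap_cells(ids, expires):
    """Pack IDs into bit map NVSCs, one per 256-wide window."""
    cells, ids = [], sorted(set(ids))
    while ids:
        first = ids[0]
        window = [i for i in ids if i - first <= 255]
        cells.append(BitMapNvsc(first, sum(1 << (i - first) for i in window), expires))
        ids = ids[len(window):]
    return cells

def list_cells(ids, expires):
    """Pack IDs into list NVSCs, six per cell."""
    ids = sorted(set(ids))
    return [ListNvsc([(i, expires, False) for i in ids[k:k + 6]])
            for k in range(0, len(ids), 6)]
```

A contiguous tier of 40 services fits one bit map cell but needs seven list cells, while five scattered event IDs fit one list cell but need five bit map cells.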

Broadcast Events

A broadcast event is a one-time service, such as a pay-per-view broadcast of a boxing
match. In the preferred embodiment, there are two kinds of broadcast events: ordinary
pay-per-view broadcast events, in which the customer has ordered in advance to see the
event, and impulse events where the customer decides at the time the event is broadcast
that he wants to order it. There are different kinds of impulse events, such as: impulse
pay-per-view (IPPV) events, which are pay-per-view events where the customer can
decide at the time of the event to purchase it, and near video-on-demand (NVOD), where
popular movies are rebroadcast at short intervals and the customer can decide when the
rebroadcast occurs whether he or she wants to view it. Those skilled in the art will realize
that the concept of an "event" can refer to any service over a specific time period (whether
broadcast or non-broadcast), such as video on demand events or other types of events not
listed here.

In the case of pay-per-view events, the customer orders the event from the entitlement
agent, and the agent responds by sending an EMM that contains the necessary entitlement
information. In the case of events where the customer decides at broadcast time that he or
she wants to purchase the event, purchase information, i.e., information about the
entitlements that can be purchased, must be distributed with the event. In these cases, the
purchase information is distributed by means of global broadcast authenticated messages,
or GBAMs. The customer provides input 628 that specifies a purchase. The DHCT 333
responds to the input 628 by storing the record of purchase in the DHCTSE 627 and then
beginning to decrypt the event. Later, the DHCT 333 sends the entitlement agent a
forwarded purchase message (FPM) indicating what has been purchased by the customer,
and the entitlement authority responds with an EMM that confirms the purchase and
contains the necessary entitlement information. The record of the purchase remains until
an EMM confirming the purchase is received by the DHCTSE 627.

Event NVSCs: FIG. 17

FIG. 17 shows event NVSC 1701 used to store entitlement information for events.
Header field 1502 is similar to that for other NVSCs 1701. Each event NVSC 1702 may
contain up to three event descriptors 1703, each of which describes a single event. Each
event descriptor 1703 contains [...]
whether the event is active [...]
entitlement agent has confirmed purchase of the event, (4) whether the customer can
cancel at any time, (5) whether the customer can cancel in a cancellation window, (6)
whether the customer has canceled the purchase, (7) whether the right to copy the event
has been purchased, and (8) whether the event is an analog or digital service. Purchase
time 1709 is the later of the start time for the event or the time the customer purchased the
event. End time 1709 is the time the event is to end. Cost 1711 is the cost of the event to
the customer and entitlement ID 1713 is the entitlement ID for the event.

New Event Storage EMM

When the CAA sets up [...] entitlement agent [...]
includes a value in EA Maximums 1515 that limits the number of [...] the
entitlement agent may have. Within that number, however, the entitlement agent is free
to allocate event NVSCs 1701 from the total number of NVSCs 1405 belonging to the
entitlement agent and to reuse existing event NVSCs 1701. To allocate an event NVSC,
the EA uses the new event storage EMM, which simply contains the cell name for the
NVSC which is to be allocated. Once the event NVSC has been allocated, its fields
are set as follows:

• In the case of an ordinary PPV event, fields are set by an add/delete event EMM;
• in the case of an IPPV or NVOD event, fields are set in part from the GBAM for
the event [...]

The contents of an event NVSC 1701 are deleted by an add/delete event EMM or by
receiving an ECM [...]
1701, if the event record had been previously acknowledged by receiving the
Acknowledge Event EMM.

The Add/delete Event EMM

The add/delete event EMM contains a flag which indicates whether the EMM is setting or
deleting an event. In the latter case, the contents of the EMM must match the current
contents of the NVSC 1701 that is to be deleted. In the former case, the values of the
EMM include flags indicating whether time extensions are allowed and whether the right
to copy has been purchased. Further included are values for the event's start time and end
time and the entitlement ID for the event. When the add/delete flag indicates "delete",
EA administrative code deletes the contents of the NVSC 1701. When it indicates "add",
the code sets the corresponding fields of the NVSC 1701 to the values specified in the
EMM. The flag that indicates whether the EA has acknowledged the purchase is set to so
indicate.

The Global Broadcast Authenticated Message: FIGs. 18-20

The Global Broadcast Authenticated Message (GBAM) is, like the EMMs, ECMs, and
FPMs, a CA message. A GBAM is broadcast by an entitlement agent to DHCTs 333.
FIG. 18 shows a CA message 805 including a GBAM 1801. Message 805 includes a CA
message header 1003 and a [...]
GBAM header 1807 and global broadcast data 1809. Global broadcast data 1809 is not
encrypted, but GBAM 1801 is authenticated in the same fashion as an ECM: header
1807, global broadcast data 1809, and MSK 1015 belonging to the EA which sent the
GBAM are hashed by [...]. As
with the ECM, the MSK 1015 is a shared secret between the EA which sent the GBAM
and DHCTs 333 that have EA information 1333 for the EA.

FIG. 19 shows GBAM header 1807 in detail, as well as the form that global broadcast data
1809 takes when GBAM 1801 is used to provide entitlement information for IPPV or
NVOD. GBAM header 1807 has a conditional access system ID 1901 that identifies CA
system 601 in which GBAM 1801 is being used, a tag which indicates that the message is
a GBAM, and the identifier 1905 of the entitlement agent sending the GBAM. Fields
1907 and 1909 specify the key that was used to make MAC 1805. Field 1907 specifies
the parity of the MSK half used to make the digest, and MSK select 1911 is an identifier
for the MSK itself.

Purchasable entitlement data 1913 refers to the form of global broadcast data 1809 that is
used to provide entitlement information for [...]. Of the fields that are
relevant for the present discussion, Entitlement ID 1915 is the entitlement ID for the event
associated with the GBAM, and Flags 1917 include flags indicating what kind of
cancellation is allowed and whether the time for the event may be extended. Number of
modes 1919 indicates how many different modes there are for purchasing the event. The
rights which the purchaser receives to the event and the price the purchaser must pay will
vary with the mode. In the preferred embodiment, an event may have up to five purchase
modes. If more purchase modes are required, additional GBAMs may be sent. The rights
and prices for each mode are indicated by arrays. Each array has as many valid elements
as there are modes. The value of an element corresponding to a mode indicates the right
or price for that mode. Thus, mode right to copy field 1921 [...]
mode is set, the purchaser of the mode has the right to copy [...]. Similarly, mode
length field 1927 contains a value for each mode which indicates the length of time for
the event in that mode. Mode cost field 1929 contains a value for each mode which
indicates the cost for the event in that mode. Earliest start field 1923 gives the earliest
time at which entitlement for the event can start, and latest end field 1925 gives the latest
time at which entitlement must end.

When DHCT 333 receives GBAM 1801, it passes GBAM 1801 to DHCTSE 627 for
authentication of global broadcast data 1809. Authentication will fail unless DHCTSE
627 has the required MSK. If (1) DHCTSE 627 has the required MSK and (2) global
broadcast data 1809 is data 1913, DHCT 333 permits the customer to purchase the event.
In so doing the customer identifies himself or herself to DHCT 333 by means of a PIN,
and that PIN must match PIN 1525 in EAD 1409 for the entitlement agent that sent the
GBAM. In making his or her purchase, the customer also specifies the relevant modes.
Given the mode information and the cost information in the GBAM, DHCT 333 can
determine whether ordering the impulse event [...]
amount (of time, money, etc.) specified in stored credit limit 1519 in EAD 1409. If the
customer has not exceeded the limit, the information from the GBAM and from the
purchaser's inputs are used to make an event descriptor 1703 for the event. DHCT 333
passes the information to DHCTSE 627, which sets the fields in event descriptor 1703
according to the values provided it by DHCT 333. The flag that indicates whether the
purchase information has been acknowledged is cleared, and the cost of the event is added
to the current credit balance.
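The impulse purchase path described above, as an added sketch that is not code from the patent: the GBAM is authenticated against the shared MSK, the PIN is checked, and the purchase is refused once the stored credit limit would be exceeded. MD5 over header, data and MSK in that order, the JSON encoding of the purchasable entitlement data, the header layout, integer minute timestamps and all names are assumptions.

```python
import hashlib
import hmac
import json

def gbam_mac(header, data, msk):
    # Digest over header, broadcast data and the shared MSK. MD5 and this
    # field order are assumptions; a new design would use HMAC-SHA-256.
    return hashlib.md5(header + data + msk).digest()

def build_gbam(ea_id, msk_select, msk, offer):
    """EA side. The offer is JSON here only to keep the sketch readable."""
    header = b"GBAM" + ea_id.to_bytes(2, "big") + bytes([msk_select])
    data = json.dumps(offer, sort_keys=True).encode()
    return {"header": header, "data": data, "mac": gbam_mac(header, data, msk)}

class ImpulseState:
    """The parts of EAD 1409 and event NVSC 1701 used for an impulse purchase."""
    def __init__(self, msks, pin, credit_limit):
        self.msks = msks                  # MSK select -> MSK bytes held for this EA
        self.pin = pin                    # PIN 1525
        self.credit_limit = credit_limit  # stored credit limit 1519
        self.balance = 0                  # current credit balance
        self.events = []                  # event descriptors 1703

    def purchase(self, gbam, pin, mode, now):
        msk = self.msks.get(gbam["header"][-1])   # MSK select from the header
        if msk is None or not hmac.compare_digest(
                gbam_mac(gbam["header"], gbam["data"], msk), gbam["mac"]):
            return "rejected: GBAM not authenticated"
        if not hmac.compare_digest(pin.encode(), self.pin.encode()):
            return "rejected: PIN mismatch"
        offer = json.loads(gbam["data"])  # parsed only after authentication
        if not 0 <= mode < offer["number_of_modes"]:
            return "rejected: no such purchase mode"
        cost = offer["mode_cost"][mode]
        if self.balance + cost > self.credit_limit:
            return "rejected: stored credit limit exceeded"
        start = max(now, offer["earliest_start"])  # later of start and purchase
        self.events.append({
            "entitlement_id": offer["entitlement_id"],
            "purchase_time": start,
            "end_time": min(start + offer["mode_length"][mode],
                            offer["latest_end"]),
            "cost": cost,
            "right_to_copy": offer["mode_right_to_copy"][mode],
            "acknowledged": False,        # cleared until the EA confirms
        })
        self.balance += cost
        return "purchased"
```

Because the balance only falls again when the EA confirms the purchase, a set top that never reports its purchases stops being able to buy once the limit is reached.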

The Forwarded Purchase Message: FIG. 21

The forwarded purchase message (FPM), in a preferred embodiment, serves two purposes:

• it informs the entitlement agent that the customer has purchased an IPPV or
NVOD event; and
• it informs the entitlement agent that the customer has canceled the purchase of any
event.

In other embodiments, messages like the FPM can be used to transfer any kind of
information from DHCT 333 to a [...] EA. For example, such a message can be
used to transfer [...]

DHCT 333 sends a forwarded purchase message [...] information via the
reverse channel to the entitlement agent that sent the GBAM. The FPM is contained in a
reverse channel data packet that is addressed to the EA. FIG. 21 provides an overview of
the FPM and of the cryptographic measures used to protect its contents. FPM 2101 is a
CA message 805 and consequently is sent with a CA message header 1003. FPM 2101
itself is made up of FPM encrypted envelope key 2103, which contains the EAID for the
entitlement agent and FPM key 2119 for decrypting the purchasing information contained
in FPM encrypted events 2113. The key and other contents of envelope key 2103 are
encrypted for privacy using the public key [...]
is intended. CA FPM message 2105 includes CA FPM header 21 1, which includes the
EAID for the intended EA, and FPM encrypted events 2113. The latter are encrypted
using the 3-DES algorithm with [...] 2103. CA FPM message 2105's
parts are a header 21 3, FPM clear events 2133, which contains the purchase information,
and padding 2135. The last part of FPM 2101 is FPM signed authentication 2107, which
is encrypted with the private key of DHCT 333 from which FPM message 2101 is sent.
The encrypted material includes FPM signing header 2125, FPM MAC 2127, and
padding 2129. FPM MAC 2127 is made using the MD5 one-way hash algorithm from
FPM clear events 2133. Only the EA for which the FPM is intended can decrypt
envelope key 2103 to obtain key 2119 to decrypt FPM [...]
can check the authenticity of FPM clear events 2133 only if it has the public key for
DHCT 333 from which FPM 2101 was sent.

The part of FPM 2101 which is of further interest here is FPM clear events 2133. The
information in that part of the FPM includes the serial number of DHCTSE 627 in DHCT
333 from which the message came, the EAID of the destination EA, and an indication of
the number of events for which the FPM contains purchase information. The information
for each event is contained in forwarded event data for that event. The forwarded event
data is taken from GBAM 1801 and event descriptor 1703 for the [...]. Fields of interest
in the present context include flags indicating (1) whether the event has been extended,
(2) whether the user has canceled the event, and (3) whether [...] purchased
the right to copy. Other information includes the time the event started or was purchased,
whichever is later, the time the event [...]
entitlement ID for the event. To cancel any event, including an ordinary pay-per-view
event, DHCT 333 sends an FPM with the same message, but with the event canceled flag
set to indicate cancellation. The conditions under which DHCT 333 sends an FPM
cancellation message will be explained in more detail below. FPMs may also be used to
purchase other service types, such as monthly subscriptions, or data downloads, for
example.

The Acknowledge IPPV/NVOD Event EMM

When the entitlement agent receives the FPM, it enters the information contained in the
FPM in its customer information database and returns an acknowledge IPPV/NVOD
event EMM to DHCT 333. EMM command data 1125 in this EMM contains an exact
copy of the forwarded event data in the FPM that the EMM is acknowledging. When
DHCTSE 627 receives this EMM, it decrypts and authenticates it and then, for each item
of copied forwarded event data, it uses the entitlement ID to locate event NVSC 1701 for
the event. Having located the event NVSC 1701, it compares the copied forwarded event
data with the corresponding fields of event NVSC 1701. If they are the same, DHCTSE
627 sets the flag in Flags Field 1705 that indicates that the purchase has been confirmed
and adjusts the stored credit balance. If the EMM has its "canceled" flag set, the "in use"
flag in event NVSC 1701 is set to indicate that event NVSC 1701 is not in use and is
therefore available for reuse by the entitlement agent.

Other uses of GBAM 1801 

GBAM 1801 can be used generally to broadcast authenticated messages via a MPEG-2
transport stream, or other transport mechanisms, to DHCTs 333. CA system 601 itself
uses GBAM 1801 in two other ways: to periodically broadcast a time value to DHCTs
333 and to extend the time for events. In the former case, GBAM 1801 simply carries the
time value, which is a secure time, due to the GBAM's authentication. The code in
DHCT 333 which carries out a task for the entitlement agent that sent the system time
GBAM uses the time value to coordinate its activities with the EA. Note
that this arrangement permits the use of per-entitlement agent time schemes. It also
permits establishment of a uniform time across the
system by setting up one entitlement agent in the digital broadband
delivery system as the "system time entitlement agent" and addressing the system time
GBAM to the system time entitlement agent.

GBAMs 1801 that extend the time for an event contain the entitlement ID for the event and
the number of minutes the time for the event is to be extended. When GBAM 1801 is
received and provided to DHCTSE 627, the secure element adds the number of minutes to
end time 1709.

FIG. 20 shows a server application 2001 executing on a processor having access to
entitlement agent 2005 and to the MPEG-2 transport stream being received by a group of
DHCTs 333. The server application 2001 can use GBAM 1801 to send authenticated
messages to the DHCTs 333. Server application 2001 sends a message to entitlement
agent 2005, which uses its transaction encryption device 603 to make a GBAM 1801
including the payload. Entitlement agent 2005 then returns the GBAM to server
application 2001 which sends application data together with the GBAM, as shown at
2007, to client application 2009 in the DHCTs 333. Each client application sends GBAM
1801 to DHCTSE 627, which authenticates it. If the authentication succeeds, DHCTSE
627 sends an acknowledgment to client application 2009. It should be noted here that it is
the entitlement agent and not server application 2001 which authenticates the payload.

NVSCs and EMMs for Interactive Sessions

DBDS 501 can also be used for interactive sessions. Examples of such uses are browsing
the Internet or playing video games. In such applications, data being sent to the customer
will generally go via the MPEG-2 transport stream, while data being sent from the
customer will go via the reverse channel. Such an arrangement is advantageous for the
many interactive applications in which the customer receives a large amount of data, for
example, the data that represents an image, makes a short response, and then receives
another large amount of data.

Each interactive session that is currently taking place with a user of DHCT 333 has an
interactive session NVSC 1211 in list 1411 belonging to the entitlement agent that grants
access to the interactive session. The interactive session NVSC contains a session key for
the interactive session and an entitlement ID for the interactive session. DHCTSE 627
allocates the interactive session NVSC in response to a new interactive session storage
EMM from the entitlement agent. The new interactive session storage EMM simply
contains the cell name of the NVSC to be used for the interactive session.

Once the EA has established the NVSC, it sends an "add interactive session" EMM that is
directed to the name of the newly-allocated NVSC and contains the entitlement ID and
the key for the interactive session. The secure element places the entitlement ID and key
in the NVSC. When the EA determines that the interactive session is over, it sends a
"remove interactive session" EMM with the entitlement ID for the interactive session and
the secure element deletes the contents of the NVSC. It is of course possible that the
entitlement agent sends a new interactive storage EMM at a time when all of the
interactive session NVSCs allotted by the CAA to the EA are already in use. DHCTSE
627 in a preferred embodiment deals with this situation by keeping track of the last time
each interactive session sent or received data. When a new interactive session is needed
and none is available, DHCTSE 627 shuts down the interactive session that least recently
sent or received data and uses that interactive session's interactive session NVSC for the
new interactive session. Another solution is to request the user to select an interactive
session to be terminated.

Details of the ECM: FIG. 22

The information in an ECM that is used to determine whether the instance of a service
that the ECM accompanies is to be decrypted in a given DHCT 333 is contained in ECM
entitlement unit message 1011. FIG. 22 gives details of the contents of ECM entitlement
unit message 1011 for a preferred embodiment of the present invention. Beginning with
message ID 2205, the two fields 2201 and 2203 identify this message as an ECM
entitlement unit message. EAID 2207 is the identifier for the entitlement agent which
grants entitlements to access to the instance of the service that the ECM accompanies.






Decryption information 2209 is information used to produce the control word 2235.
Control word counter value 2235 is encrypted using the 3DES algorithm in a preferred
embodiment. This algorithm employs two keys, and in a preferred embodiment, each key
is 1/2 of the MSK. Also, there are two versions of the MSK: even and odd. MSK parity
2211 specifies which version is to be used in the 3DES algorithm. MSK ID 2213
specifies which MSK belonging to the entitlement agent is to be used, or if the ECM
accompanies data for an interactive session, it specifies that the key is to be found in the
NVSC for the interactive session. Control word parity 2215 specifies the parity of the
unencrypted control word 2235. Parity count 2217 is a 0-1 counter that has the value 0
when the parity of the control word is even and 1 when it is odd.

Free preview 2219 is a flag that indicates that the ECM is accompanying a portion of the
service instance that is a free preview. That is, as long as a customer has the MSK for
decrypting the service instance, the customer needs no further entitlements to view the
free preview portion of the service. The main use of free previews is with IPPV or
NVOD services. Copy protection level 2221 is a value which indicates to what extent the
instance may be copied. Blackout/spotlight 2223 is a value which indicates how
blackout/spotlight information 2236 is to be used: not at all, for a blackout, or for a
spotlight (i.e., the service is targeted to the specific area).

Number of entitlement IDs 2225 specifies the number of entitlement IDs 2245 that are
contained in this ECM. The maximum number in a preferred embodiment is six in a
single ECM. Multiple ECMs may be sent for each service. Allow IPPV 2229 is a flag
which indicates whether the service instance may be viewed on an IPPV or NVOD basis.
Cancel window 2231 is a bit that is set in a service instance that may be viewed as an
event to indicate the end of the period during which the customer may cancel the event.
Time stamp 2233 is a time stamp indicating the time at which the ECM was created.
Encrypted control word 2235 is the control word contained in the ECM. It is encrypted
using the 3DES algorithm and the MSK for the service instance.

Blackout/spotlight information 2236 defines a geographic area that is to be blacked out
or spotlighted by an instance of service. It does so by means of x centroid 2239 and y
centroid 2241, the two of which define a point in a geographical coordinate system
defined by the entitlement agent, and blackout radius 2237, which is used to determine a
square that is centered on the point defined by fields 2239 and 2241 and that has sides that
are twice the value of blackout radius 2237. Entitlement list 2243 contains from one
to six entitlement IDs for the instance of the service that the ECM accompanies.

Details of Blackout/Spotlight

The coordinate system used in a preferred embodiment is shown in FIG. 26. Coordinate
system 2601 is a 256 unit by 256 unit square, with the origin at the lower left-hand corner.
In the coordinate system, it is the lines, rather than the spaces between them, that are
numbered. The entitlement agent to which coordinate system 2601 belongs assigns each
DHCT 333 in the area covered by the coordinate system the coordinates of an intersection
of a line that is perpendicular to the x axis with a line that is perpendicular to the y axis.
Thus, a DHCT 333(k) may be assigned the point (i,j) 2603 in coordinate system 2601.






FIG. 27 shows how areas are defined in coordinate system 2601. Area 2705 has its
centroid 2701 at the point whose coordinates are (57,90). The radius 2703 of the area is
three, so this number is added to and subtracted from each of the coordinates of the
centroid to produce a square 2705 whose lower left-hand corner is at (54,87) and whose
upper right-hand corner is at (60,93). In the preferred embodiment, points on the left and
bottom lines are in the area; points on the top and right lines are not.

Determining whether to Decrypt the Service Instance that Accompanies an ECM

Conceptually, what happens when DHCT 333 receives an ECM accompanying an
instance of a service is that DHCT 333 provides the ECM to DHCTSE 627, which
examines the NVSCs in EA storage 1331 to find whether the customer to whom DHCT
333 belongs is entitled to receive the instance of the service. If the customer is so
entitled, DHCTSE 627 decrypts the control word in the ECM and provides it to service
decryptor 625, which uses it to decrypt the MPEG-2 packets containing the audio and
video for the service. However, the number of different kinds of services, the number of
different ways in which a service can be purchased, and the number of ways in which
access can be restricted all work together to make the manner in which DHCTSE 627
processes an ECM rather complex.

The simplest case is for a broadcast service such as a standard CATV channel. Here, the
customer who owns DHCT 333 has paid his or her monthly bill for the service and the
entitlement authority has sent two EMMs to DHCT 333: a MSK EMM with the month's
MSK for the service and an EMM that specifies the entitlement ID for the service. As
previously pointed out, the latter EMM may either contain a list of entitlement IDs or a
first entitlement ID and a bit map. All of these EMMs may also contain expiration dates:
in the case of the MSK EMM, there is an expiration date of the MSK; in the case of the
entitlement ID list EMM, there is an expiration date for each entitlement ID on the list; in
the case of the entitlement bit map EMM, there is an expiration date for the entire bit
map.

At a minimum, EA information 1333 for the entitlement agent that provides entitlements
for the service instance that the ECM is accompanying contains EA descriptor 1409, a
MSK NVSC 1601, and either an entitlement bit map NVSC 1613 or an entitlement list
NVSC 1623 for the service to which the instance belongs. EA information 1333 may also
contain NVSCs with entitlement information for many other services or instances thereof.
The ECM for the service instance will contain, at a minimum, entitlement agent ID 2207,
decryption information 2209, time stamp 2233, encrypted control word 2235, and a single
entitlement ID 2245 for the instance.

When DHCT 333 receives the ECM, it delivers the ECM to DHCTSE 627, which reads
down EA list 1406 until it finds an EA descriptor 1409 having a value in EAID 1509 that
is the same as the value EAID 2207 in the ECM. DHCTSE 627 then follows first NVSC
pointer 1513 to list 1411 and looks for a MSK NVSC 1601 that has an MSK ID field
1603 containing the same value as MSK ID field 2213 in the ECM. Having found such
an MSK NVSC, it determines from no_exp_dat flag 1607 whether expiration date field
1605 contains a valid time value, and if so, it compares that value with the value in the
ECM's time stamp field 2233. If the value in time stamp field 2233 is more recent in
time, DHCTSE 627 will not use MSK 1608 from MSK NVSC 1601 to decrypt control
word 2235. The secure element continues searching for an MSK NVSC with the proper
MSK ID and an unexpired MSK, and if it finds such an MSK NVSC, it uses that
NVSC; if it finds no such MSK NVSC, it does not decrypt the control word.

DHCTSE 627 similarly searches list 1411 for an entitlement bit map NVSC 1613 or an
entitlement list NVSC 1623 which contains an entitlement ID which is the same as one of
the entitlement IDs 2245 in the ECM. If (1) DHCTSE 627 finds an NVSC with such an
entitlement ID and (2) there is no valid expiration time in the NVSC that specifies the
entitlement ID that is earlier than time stamp 2233 in the ECM and (3) DHCTSE 627 has
also found a valid MSK NVSC 1601 as described above, DHCTSE 627 decrypts control
word 2235 using the MSK and decryption information 1209 in the ECM. Decryption is
done using the 3DES algorithm that was used to encrypt the control word. In a preferred
embodiment, the control word contained in the ECM is a counter value as described
above, and DHCTSE 627 produces the control word that actually is used to decrypt the
service instance by re-encrypting the integer using the MSK and the 3DES algorithm.
That control word usable by the service decryptor is then returned to service decryption
module 625, which uses it to decrypt the MPEG-2 packets.




As is apparent from the foregoing description, when DHCTSE 627 searches an
entitlement agent's entitlement agent information 1333 for a given entitlement for a
service, it continues searching until it has either found an NVSC that contains the
entitlement or it has reached the end of list 1411. What this means in logical terms is that
the entitlements that a given entitlement agent can grant are the logical OR of the
entitlements specified in entitlement agent information 1333. For example, if one
entitlement bit map NVSC that contains the same entitlement ID as the ECM has expired
but another has not, DHCTSE 627 disregards the expired NVSC, and based on the active
NVSC, produces control word 2235.

It should further be pointed out here that time stamp 2233 in the ECM and the expiration
information in the NVSCs prevent reuse of a previous month's MSK to decrypt an
instance in the current month and also prevent reuse of a previous month's entitlements in
the current month to implement the protection against replay attacks described in the
Banker and Akins patent application.

Where further restrictions apply to an entitlement, DHCTSE 627 searches for that
information as well in entitlement agent information 1333. For example, if
blackout/spotlight field 2223 of the ECM indicates that a blackout applies to the service,
DHCTSE 627 uses blackout/spotlight information 2236 to determine whether the location
specified by x coordinate 1521 and y coordinate 1523 is within the square specified by
blackout/spotlight information 2236; if so, DHCTSE 627 does not decrypt control word
2235. When a spotlight applies, the procedure is of course the opposite: DHCTSE 627
decrypts the control word only if x coordinate field 1521 and y coordinate field 1523
specify a location within the square.
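
The broadcast-service decision described above (EA lookup, the search of list 1411 for an unexpired MSK and an unexpired entitlement, then the blackout/spotlight test against the half-open square of FIG. 27) can be sketched as follows. This is an added example, not code from the patent: the class and function names, the integer clock and the sample cells are assumptions, and no cryptography is performed.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, List, Optional, Tuple, Union


class Geo(Enum):
    """Values of blackout/spotlight field 2223."""
    NONE = 0
    BLACKOUT = 1
    SPOTLIGHT = 2


@dataclass
class Ecm:
    eaid: int                           # EAID 2207
    msk_id: int                         # MSK ID 2213
    time_stamp: int                     # time stamp 2233 (constructed integer clock)
    entitlement_ids: List[int]          # entitlement IDs 2245, one to six per ECM
    geo: Geo = Geo.NONE                 # blackout/spotlight 2223
    centroid: Tuple[int, int] = (0, 0)  # x centroid 2239, y centroid 2241
    radius: int = 0                     # blackout radius 2237


@dataclass
class MskCell:                          # MSK NVSC 1601
    msk_id: int                         # MSK ID field 1603
    expires: Optional[int]              # expiration date 1605; None = no_exp_dat 1607 set


@dataclass
class EntitlementCell:                  # bit map NVSC 1613 or list NVSC 1623
    expiry_by_id: Dict[int, Optional[int]]  # a bit map shares one expiry across its IDs


@dataclass
class EaInfo:                           # EA information 1333
    eaid: int                           # EAID 1509
    x: int                              # x coordinate 1521
    y: int                              # y coordinate 1523
    cells: List[Union[MskCell, EntitlementCell]] = field(default_factory=list)  # list 1411


def unexpired(expires: Optional[int], time_stamp: int) -> bool:
    """A cell is rejected only when the ECM time stamp is more recent than its expiry."""
    return expires is None or time_stamp <= expires


def in_square(x: int, y: int, centroid: Tuple[int, int], radius: int) -> bool:
    """Half-open square: left and bottom lines are inside, top and right lines are not."""
    cx, cy = centroid
    return cx - radius <= x < cx + radius and cy - radius <= y < cy + radius


def may_decrypt(ecm: Ecm, ea_list: List[EaInfo]) -> Tuple[bool, str]:
    """Return (decision, reason) for an ECM that accompanies a broadcast service."""
    ea = next((e for e in ea_list if e.eaid == ecm.eaid), None)
    if ea is None:
        return False, "no EA descriptor for this EAID"
    # The whole list is scanned, so one stale cell never ends the search (logical OR).
    if not any(isinstance(c, MskCell) and c.msk_id == ecm.msk_id
               and unexpired(c.expires, ecm.time_stamp) for c in ea.cells):
        return False, "no unexpired MSK"
    if not any(isinstance(c, EntitlementCell)
               and any(i in c.expiry_by_id and unexpired(c.expiry_by_id[i], ecm.time_stamp)
                       for i in ecm.entitlement_ids)
               for c in ea.cells):
        return False, "no unexpired entitlement"
    inside = in_square(ea.x, ea.y, ecm.centroid, ecm.radius)
    if ecm.geo is Geo.BLACKOUT and inside:
        return False, "blacked out"
    if ecm.geo is Geo.SPOTLIGHT and not inside:
        return False, "outside spotlight"
    return True, "decrypt control word"


# Constructed sample: times are day numbers, IDs are arbitrary.
SAMPLE_EA = EaInfo(eaid=7, x=54, y=87, cells=[
    MskCell(msk_id=3, expires=30),         # last month's MSK
    MskCell(msk_id=4, expires=61),         # this month's MSK
    EntitlementCell({100: 30, 101: 30}),   # expired bit map
    EntitlementCell({100: 61}),            # renewed entitlement for ID 100
])

if __name__ == "__main__":
    blackout = Ecm(7, 4, 45, [100], Geo.BLACKOUT, (57, 90), 3)
    print(may_decrypt(blackout, [SAMPLE_EA]))
```

An ECM stamped with day 45 that names last month's MSK ID 3 is refused even though the cell is still present, which is the replay protection the time stamp provides.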

As previously noted, the technique used to grant entitlements according to
geographical area may be generalized to grant entitlements to various subsets of
customers. For example, entitlements may be conceptually represented in a Venn
diagram, blackout/spotlight information 2236 may specify an area in the Venn diagram
that represents the set of customers that are entitled to receive the service, and x
coordinate 1521 and y coordinate 1523 may specify the location of the customer in the
Venn diagram. One use of such an arrangement would be to restrict access to an instance
of a service according to a customer's desire that users of his or her DHCT not have
access to instances with objectionable content. In other embodiments, of course, more
coordinates or other ways of representing set membership could be used.

Event Services

When the ECM accompanies an instance of an event, interpretation of the ECM takes
place as described above, except that the entitlement information for the event is
contained in an event NVSC 1701. DHCTSE 627 searches the entitlement information
1333 for the entitlement agent having the EAID that is specified in the ECM for an event
NVSC 1701 containing an event descriptor 1703 with an entitlement ID 1713 that is the
same as one of the entitlement IDs 2245 in the ECM. If the event is a standard
pay-per-view event, DHCTSE 627 then examines the flags 1705 to determine whether the
customer has canceled the event and whether purchase of the event has been confirmed
(always the case with standard pay-per-view). The DHCTSE 627 then compares purchase
time 1707 and end time 1709 with time stamp 2233 to determine whether the time
indicated by the time stamp is within the period indicated by fields 1707 and 1709. If the
examination of event NVSC 1701 indicates that the customer is entitled to the event,
DHCTSE 627 decrypts control word 2235 as described above.

With IPPV or NVOD events, allow IPPV flag 2229 in the ECM must indicate that the
event is one that need not be purchased in advance. Free preview flag 2219 may also be
set to indicate that the portion of the event instance accompanied by the ECM is part of
the free preview, and cancel window flag 2231 may further be set to indicate that the
event can still be canceled. If free preview flag 2219 is set, DHCTSE 627 simply looks
for a MSK NVSC 1601 in EA information 1333 that contains the MSK specified by MSK
ID 2213 in the ECM. If the DHCTSE 627 finds one that is valid, it decrypts control word
2235.

If free preview flag 2219 is not set, DHCTSE 627 goes to the event NVSC 1701 having
the entitlement ID 1713 that is the same as one in ECM field 2245. If flags included in
flags 1705 indicate that the purchase of the event has been confirmed and the event has
not been canceled, DHCTSE 627 decrypts control word 2235. If the event has not been
canceled and has not been confirmed, but time stamp 2233 indicates a time that is within
a predetermined period after purchase time 1707 indicated in event descriptor 1703,
DHCTSE 627 also decrypts control word 2235. It is by this means that the service
instance continues to be decrypted between the time the FPM is sent to the entitlement
agent and the time the entitlement agent returns the acknowledge IPPV/NVOD event
EMM. This causes the confirmation flag to be set in flags 1705.

Cancellation of Entitlements to Events: FIGs. 17, 19, and 22

Whether a user can cancel a previously purchased entitlement to an IPPV/NVOD event
that he or she has purchased preferably depends on the event. There are three
possibilities:

• the entitlement can be canceled up to two minutes past purchase;

• the event can be canceled during a period of time termed a cancellation window;

• the event cannot be canceled.

Which of the three possibilities is associated with an event is determined by the
purchasable entitlement data 1913 in the GBAM that accompanies the event. One flag in
flags 1917 indicates whether the event can be canceled; another indicates whether
cancellation is possible in a cancellation window. If neither flag is set, the event cannot
be canceled. When DHCTSE 627 makes an event descriptor 1703 for the event, the
values of the flags in the GBAM are used to set flags in flags 1705 which indicate
whether the event may be canceled or during a cancellation window only. Again, if
neither flag is set, the event cannot be canceled.

The user cancels an event by requesting cancellation via customer input 628 to DHCT
333. When DHCT 333 receives the input, it provides a cancellation request including the
EAID and entitlement ID for the instance to DHCTSE 627, which uses the EAID and the
entitlement ID to locate the event NVSC 1701 that contains event descriptor 1703 for the
event. If the flags in flags 1705 indicate that the entitlement cannot be canceled,
DHCTSE 627 indicates that fact to DHCT 333, which then indicates that the entitlement
is not cancelable to the user. If the flags indicate that entitlement can be canceled,
DHCTSE 627 simply sets the canceled flag in event descriptor 1703. If the flags indicate
that the entitlement can be canceled only during a cancellation window, and an ECM
indicating the cancel window has ended has not yet been received, DHCTSE 627 sets the
cancel flag in event descriptor 1703; otherwise, it indicates to DHCT 333 that the
entitlement cannot be canceled, and DHCT 333 so informs the user. If the event has been
canceled, DHCTSE 627 clears the acknowledged flag, which action causes a new FPM to
be sent to the entitlement agent for the event. The entitlement agent responds to the FPM
by adjusting its billing as required by the cancellation and sending a new acknowledge
EMM.
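
The life cycle of an IPPV/NVOD purchase described above (decryption during the period between FPM and acknowledge EMM, confirmation only when the EMM echoes the forwarded event data exactly, and the cancellation rules) can be followed in this added example, which is not code from the patent. All names are hypothetical, the length of the "predetermined period" is an assumed value, the "confirmed" and "acknowledged" flags are assumed to be one flag, and the free-preview and MSK checks are left out.

```python
from dataclasses import dataclass
from typing import List, Tuple

GRACE = 10  # "predetermined period" after purchase time 1707; this value is an assumption


@dataclass
class EventCell:                 # event NVSC 1701 holding event descriptor 1703
    entitlement_id: int          # entitlement ID 1713
    purchase_time: int           # purchase time 1707
    end_time: int                # end time 1709
    cancelable: bool = False     # flags 1705, copied from GBAM flags 1917
    window_only: bool = False    # flags 1705: cancelable in the cancellation window only
    confirmed: bool = False      # set by the acknowledge IPPV/NVOD event EMM
    canceled: bool = False
    in_use: bool = True
    window_ended: bool = False   # an ECM marking the end of the cancel window was seen


def forwarded_event_data(cell: EventCell) -> Tuple[int, int, int, bool]:
    """Fields reported in the FPM and echoed by the EA in the acknowledge EMM."""
    return (cell.entitlement_id, cell.purchase_time, cell.end_time, cell.canceled)


def on_ecm(cell: EventCell, ecm_ids: List[int], time_stamp: int,
           allow_ippv: bool, window_ended: bool = False) -> bool:
    """Return True when control word 2235 should be decrypted for this ECM."""
    if window_ended:
        cell.window_ended = True
    if not allow_ippv or not cell.in_use or cell.entitlement_id not in ecm_ids:
        return False
    if cell.canceled:
        return False
    if cell.confirmed:
        return True
    # Unconfirmed purchase: keep decrypting until the acknowledge EMM is due.
    return cell.purchase_time <= time_stamp <= cell.purchase_time + GRACE


def on_acknowledge_emm(cell: EventCell, echoed: Tuple[int, int, int, bool]) -> bool:
    """Confirm only if the EA echoed exactly what this secure element reported."""
    if echoed != forwarded_event_data(cell):
        return False
    cell.confirmed = True
    if echoed[3]:                # canceled flag set in the EMM: free the cell for reuse
        cell.in_use = False
    return True


def request_cancel(cell: EventCell) -> bool:
    """Return True if cancellation is accepted; acceptance triggers a new FPM."""
    if not cell.cancelable and not cell.window_only:
        return False             # neither flag set: the event cannot be canceled
    if cell.window_only and cell.window_ended:
        return False             # the cancellation window has closed
    cell.canceled = True
    cell.confirmed = False       # cleared so that a new FPM goes to the entitlement agent
    return True


if __name__ == "__main__":
    # Constructed sample event: times are minutes on an arbitrary clock.
    cell = EventCell(entitlement_id=500, purchase_time=100, end_time=220, window_only=True)
    print(on_ecm(cell, [500], 105, True))            # inside the grace period
    print(on_acknowledge_emm(cell, forwarded_event_data(cell)))
    print(request_cancel(cell), on_ecm(cell, [500], 151, True))
```

An acknowledge EMM whose copied event data differs from the stored descriptor leaves the purchase unconfirmed, so decryption stops once the grace period runs out.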

Interactive Sessions 

The chief difference between broadcast services and interactive services is that each
session of the interactive service has its own interactive session key, which is contained in
the interactive session NVSC for the interactive session. The NVSC for the interactive
session also contains the entitlement ID for the interactive session. In an ECM that
accompanies the MPEG-2 stream for an interactive session, MSK ID field 2213 is set to a
value which indicates that the MPEG-2 stream is to be decrypted using an interactive
session key. When DHCTSE 627 interprets such an ECM, it uses entitlement ID 2245 to
find the NVSC for the interactive session and then uses the interactive session key
contained in the NVSC to decrypt control word 2235.



Detailed Description of Transaction Encryption Device 603: FIGs. 24 and 25

Each CAA that can authorize entitlement agents in digital broadband delivery system 501
and each EA that can grant entitlements in system 501 has a Transaction Encryption
Device or TED 603 in system 501. Preferably, each CAA or EA has its own separate
TED in system 601. Alternatively, the TEDs could be combined in one device. The TED
603 stores the secret keys used by the entity to which it belongs and has hardware and
software to do encryption, decryption, key generation, and authentication as required by
the entity. The keys are kept secure by implementing the TED without a user interface or
user I/O devices, by implementing it in a tamper resistant container, by connecting the
TED only to the DNCS and using a secure link for that connection, and by keeping the
TED in a physically secure environment such as a locked room.

In the case of a TED 603 for a CAA, the TED 603 stores the private keys corresponding
to the three public keys representing the CAA in the DHCTs 333, encrypts and provides
sealed digests for EMMs from the CAA to the DHCTs 333, and decrypts and
authenticates messages from the DHCTs 333 to the CAA. In the case of a TED 603 for
an EA, the EA TED does the following:

(1) stores the public and private keys for the EA and the MSKs for the EA;

(2) generates the EA public and private keys and the MSKs;

(3) encrypts and prepares sealed digests for the EMMs sent on behalf of the EA;

(4) prepares the shared secret digests used to authenticate global broadcast messages;

(5) provides the MSKs to SEES module 620 for use in encrypting instances of
services;

(6) generates interactive session keys (ISKs) for interactive session EMMs and
provides them to SEES module 620 for use in encrypting the interactive session; and

(7) decrypts FPMs and other messages sent from DHCT 333 to the entitlement agent.



TED 603 in Conditional Access System 601: FIG. 24

FIG. 24 shows the relationship between a number of TEDs 603 and the rest of conditional
access system 601. Portion 2401 of conditional access system 601 includes a CAA TED
2427 for a CAA that authorizes entitlement agents in system 601. Portion 2401 also
includes one EA TED 2425 for each of the n+1 entitlement agents which the CAA has
currently authorized for DHCTs 333 in digital broadband delivery system 501.
Alternatively, all EA TED 2425 functions could be combined into a single TED, which
could include the CAA TED 2427 function. Each TED is kept in a physically secure area
2428 and is connected to DNCS 507 by a secure high-speed link 2423 that connects only
DNCS 507 and the TEDs 603. In the preferred embodiment, the secure link is a secure
Ethernet link. DNCS 507 uses TED 603 to encrypt EMMs, to decrypt FPMs, to generate
EA public and private keys, to generate MSKs and ISKs, and to prepare global broadcast
message digests. DNCS 607 has a remote procedure call interface to the TEDs 603 for
performing these operations, and, consequently, programs executing on DNCS 607 can
use the facilities of a TED simply by making a procedure call.

DNCS 507 is the sole connection between a given TED 603 and the rest of conditional
access system 601. DNCS 507 is connected by a network 2415 to systems belonging to
the CAA and the various EAs. Each of these entities has a database containing
information relative to its function. CAA 2405 has CAA database 2403, which contains
at least the CAA's three public keys and encrypted versions of the corresponding three
private keys, the entitlement agent identifiers for the entitlement agents that the CAA
authorizes, and a per-DHCT database that contains the names, types, and numbers of the
NVSCs that the CAA has allocated to each entitlement agent authorized for the DHCT.

Each EA 2409(i) has its own EA database 2407(i). EA database 2407(i) preferably
contains the EAID for the EA, a list of the MSK IDs and expiration dates for the MSKs
that the EA is currently using, and a database of the services and/or instances that the EA
is providing. This database of services contains at least the entitlement ID for each
service. EA database 2407(i) also includes a per-DHCT database of the entitlement IDs,
entitlement expiration times, and MSK IDs for the entitlements and MSKs sent in EMMs
to the DHCT. The per-DHCT database may also contain customer billing information
such as the information required to deal with the purchase information in an FPM.

Key certification authority 2413 is an entity which certifies the public keys of DHCTs 333
to DNCS 507. In a preferred embodiment, key certification authority 2413 is maintained
by the manufacturer of DHCTs 333. DHCT key database 2411 contains a database of
DHCT serial numbers and their public keys. When a user of a DHCT 333 wishes to
purchase an instance of a service offered by an EA, the user sends a purchase order to the
EA with the serial number (which is also the IP address) of the DHCT 333. The EA
provides the serial number to DNCS 507, which maintains a database 2421 of DHCT
public keys by serial number. If the serial number is not in the database, DNCS 507
sends a request for the public key to KCA 2413. The request contains the serial number,
and the key certification authority responds to the request by sending a digitally signed
message 2412 to DNCS 507. This message contains the DHCT's public key. DNCS 507
has the public key for the key certification authority and uses the public key and the
digital signature to confirm the authenticity of the DHCT public key in the message. If
the public key is authentic, DNCS 507 places it in public key database 2421.

DNCS 507 is further connected via another high-speed link 2417 to SEES 620, which is
provided with MSKs for encrypting instances of services. Additionally, DNCS 507
provides global broadcast messages (GBAMs) and EMMs for broadcast via transport link
517 to the DHCTs 333. Finally, DNCS 507 is connected via the reverse path provided by
LAN interconnect device 617 to the DHCTs 333 and receives FPMs from the DHCTs
333. In other embodiments, DHCT 333 may also send EMMs to DHCTs 333 by this
route.



15 



20 



25 



30 



Data flows in portion 2401 are shown by labels on the arrows connecting the components.
Thus, an EA 2409(i) sends unencrypted contents 2410 of EA EMMs and global broadcast
messages to DNCS 507 and receives unencrypted contents 2412 of FPMs for the EA from
DNCS 507. With EA EMMs and global broadcast messages, DNCS 507 uses EA TED
2425(i) to do the necessary encryption, digest making, and key generation and then sends
the encrypted and authenticated EMMs [illegible] MSKs, to SEES 620, as shown at 2426
and 2418. In the case of EMMs, which are repeatedly sent over an extended period of
time to the DHCTs, DNCS 507 stores the encrypted EMMs in EMM database 2420 and
provides them to SEES 620 from there. With FPMs, DNCS 507 uses the EA TED 2425(i)
for the EA 2409(i) to which the FPM is addressed to do the decryption and authentication
and sends decrypted FPM contents 2412 to EA 2409(i). DNCS 507 treats CAA EMMs the
same way as EA EMMs, except that the encryption and digest making is done using CAA
TED 2427.



DNCS 507 also maintains a database of encrypted entity information 2419, which
comprises encrypted copies of the private keys and MSKs stored in the TEDs 603 that are
connected to DNCS 507. This encrypted entity information is used to restore a TED if a
malfunction or the physical destruction of the TED should cause loss of the key
information. The encryption is done in the TED using a pass phrase. When the
information has been encrypted, it is output to DNCS 507 and stored in database 2419;
when the TED is restored, the information is input together with the pass phrase to the
TED, which then decrypts the key information.

Detailed Implementation of TED 2425(i): FIG. 25

FIG. 25 is a detailed block diagram of a preferred embodiment of an EA TED 2425(i). In
the preferred embodiment, EA TED 2425(i) is implemented using a standard computer
motherboard and chassis with a standard Ethernet board and additional means for
accelerating RSA encryption and decryption.

As shown in FIG. 25, the main components of TED 2425(i) are CPU 2501, memory 2505,
a hardware random number generator 2537, an Ethernet board 2541, and a number of
RSA accelerator boards 2539(0..n), all interconnected by bus 2503. The use of more
than one RSA accelerator board 2539 permits RSA encryption and/or decryption in
parallel; in consequence, the preferred embodiment of TED 2425(i) is capable of
encrypting a plurality of EMMs very rapidly, e.g., within a second, while also performing
other operations involving encryption, digest making, or decryption at a similar rate.

Memory 2505 contains EA information 2507, which is the public and private key for the
entitlement agent to which TED 2425(i) belongs, the MSKs for the EA, and code 2523,
which is the code executed by CPU 2501. The parts of memory 2505 which contain code
2523 and EA information 2507 are non-volatile, with the part containing code 2523 being
read-only and the part containing EA information 2507 being both readable and
writable. The code which is of interest to the present discussion includes:

(1) MSK generating code 2525, which generates MSKs and ISKs from random
numbers provided by random number generator 2537;

(2) RSA key generator 2517, which generates public and private RSA keys from
random numbers;

(3) MD5 code 2529, which performs the MD5 one-way hash algorithm;

(4) 3DES code 2531, which does 3DES encryption and decryption;

(5) GBAM authorization code 2533, which makes the shared-secret digest used to
authenticate global broadcast messages;

(6) RSA encryption/decryption code 2535, which performs RSA
encryption/decryption with the assistance of RSA hardware;

(7) EA information encryption code 2536, which encrypts EA information 2507 with
a pass phrase for storage in DNCS 507;

(8) EMM code 2538, which produces encrypted and authenticated EMMs; and

(9) FPM code 2540, which decrypts and checks FPMs.

EA information 2507 contains the information needed to do the encryption and
authentication of GBAMs and EMMs sent on behalf of the EA represented by TED
2425(i). EA information 2507 also facilitates and contains information for decryption and
authenticity checking on FPMs directed to that EA. In a preferred embodiment, EA
information 2507 includes at least: (1) EAID 2509, which is the EAID for EA 2409(i),
EA Ku 2511 and EA Kr 2513, which are the public and private keys respectively for EA
2409(i); and (2) a MSK entry (MSKE) 2515 for each MSK being used by EA 2409(i) in
conditional access system 601 to which TED 2425(i) belongs. Each MSKE 2515
contains MSK identifier 2517 for the MSK, the expiration time 2519, if any, for the MSK,
MSK parity 2520 for the MSK, and MSK 2521.

Operations Performed by EA TED 2425(i) 

When EA TED 2425(i) is initialized, it is provided with the EAID for the EA to be
represented by TED 2425(i). It stores the EAID at 2509 and uses RSA key generation
code 2517 and a random number from random number generator 2537 to generate EA
public key 2511 and EA private key 2513, which are stored in EA Information 2507. A
Remote Procedure Call (RPC) permits DNCS 507 to read EA public key 2511. Other
RPCs permit DNCS 507 to read TED 2425(i)'s serial number, to get and set TED
2425(i)'s system time, and to call TED 2425(i) to determine whether it is responding.
TED 2425(i) responds to this call with its serial number. EA TED 2425(i) also reports a
number of alarm conditions to DNCS 507. These include encryption partial and total
failure, random number generation failure, memory failure, and TED and Ethernet
overload.

Continuing with the encryption and authentication of EMMs, DNCS 507 has two RPCs,
one for EMMs generally and one for MSK EMMs. When DNCS 507 is to make a
non-MSK EMM for EA 2409(i), it receives the following from EA 2409(i):

(1) the serial number of the DHCT;

(2) an EAID for EA 2409(i);

(3) the EMM's type; and

(4) the information needed for an EMM of that particular type, for example, an
entitlement bit map together with the first entitlement ID, the expiration date, and the
no-expiration-date flag.

DNCS 507 uses the serial number to look up the public key for the DHCT 333 in public
key database 2421, uses the EAID to determine which TED 2425 to use, formats the
information as required for an EMM of this type, and provides the formatted information
(1123, 1125, and 1127 in FIG. 11) via the RPC to TED 2425(i) together with the DHCT's
public key. EMM code 2538 then uses MD5 code 2529 to make a digest of the formatted
information and uses RSA E/D code 2535 to encrypt the formatted information with the
DHCT's public key and encrypt the digest with the private key for the EA. The
encrypted formatted information and the encrypted digest are provided to DNCS 507,
which adds whatever else is necessary and places the EMM in EMM database 2420.

For an MSK EMM, DNCS 507 receives the EAID, the DHCT serial number, the EMM
type, the MSK parity, the MSKID, and any expiration date from EA 2409(i). DNCS 507
then retrieves the DHCT serial number, formats the information, and makes the RPC call
as just described. In this case, EMM code 2538 looks in EA Information 2507 to find the
MSK corresponding to the MSKID and adds the MSK to the formatted information.
Then EMM code 2538 uses MD5 code 2529 to make a digest of the formatted
information. EMM code 2538 then uses RSA encryption/decryption code to encrypt the
formatted information with the DHCT's public key and encrypt the digest with the EA's
private key and returns the EMM to DNCS 507, as described above.

The interface for giving a global broadcast message its authentication information
requires the MSKID of the MSK that is to be the shared secret and the contents of the
global broadcast message. GBAM authorization code 2533 in TED 2425(i) uses the
MSKID to locate MSKE 2515 for the MSK, combines MSK 2521 with the contents of the
global message (GBAM header 1807 and global broadcast data 1809 in FIG. 18), and
uses MD5 code 2529 to produce the digest (GBAM MAC), which it returns to
DNCS 507.
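The shared-secret digest described above, together with the receiver-side comparison recited in the claims, can be sketched as follows. This is an added example, not code from the patent or any product: the concatenation order MSK || header || data, the `KeyStore` class, the expiry check in `check`, and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class MSKE:
    """One MSK entry: identifier, the MSK, parity, and optional expiration time."""
    msk_id: int
    msk: bytes
    parity: int = 0
    expires: Optional[int] = None  # assumed unit: seconds; None = no expiration


def gbam_digest(msk: bytes, header: bytes, data: bytes) -> bytes:
    """MD5 over the shared secret combined with the message contents.

    Assumption: "combines" is modelled as plain concatenation, secret first.
    """
    return hashlib.md5(msk + header + data).digest()


class KeyStore:
    """MSK entries held by one party: the TED, or a receiver that was sent MSK EMMs."""

    def __init__(self) -> None:
        self.entries: Dict[int, MSKE] = {}

    def put(self, entry: MSKE) -> None:
        # A new entry for an MSKID that already exists replaces the old entry.
        self.entries[entry.msk_id] = entry

    def make_mac(self, msk_id: int, header: bytes, data: bytes) -> bytes:
        """TED side: locate the entry by MSKID and produce the digest."""
        return gbam_digest(self.entries[msk_id].msk, header, data)

    def check(self, msk_id: int, header: bytes, data: bytes,
              mac: bytes, now: int) -> bool:
        """Receiver side: recompute the digest with the stored MSK and compare."""
        entry = self.entries.get(msk_id)
        if entry is None:
            return False                      # no shared secret for this MSKID
        if entry.expires is not None and now >= entry.expires:
            return False                      # assumed policy: expired MSK is refused
        expected = gbam_digest(entry.msk, header, data)
        return hmac.compare_digest(expected, mac)  # constant-time comparison


def demo() -> dict:
    # Constructed sample values, not taken from any real system.
    old_msk, new_msk = bytes(range(16)), bytes(range(16, 32))
    ted, receiver = KeyStore(), KeyStore()
    ted.put(MSKE(7, old_msk, expires=1000))
    receiver.put(MSKE(7, old_msk, expires=1000))
    header, data = b"GBAM-header", b"global broadcast data"
    mac = ted.make_mac(7, header, data)
    results = {
        "valid": receiver.check(7, header, data, mac, now=10),
        "tampered": receiver.check(7, header, data + b"!", mac, now=10),
        "unknown_mskid": receiver.check(8, header, data, mac, now=10),
        "expired": receiver.check(7, header, data, mac, now=1000),
    }
    ted.put(MSKE(7, new_msk))                 # TED generates a new MSK for MSKID 7
    rotated = ted.make_mac(7, header, data)
    results["stale_receiver"] = receiver.check(7, header, data, rotated, now=10)
    receiver.put(MSKE(7, new_msk))            # receiver gets the new MSK in an MSK EMM
    results["after_update"] = receiver.check(7, header, data, rotated, now=10)
    return results


if __name__ == "__main__":
    print(demo())
```

MD5 over a prepended secret is the construction this document describes; a present-day design would use HMAC with a current hash function in its place.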

With messages sent from the DHCT 333 to the EA, such as the forwarded purchase
message, the IP packet in which the message is sent includes the IP address of the DHCT
333 which is the source of the message, and that in turn includes the serial number of
DHCT 333. DNCS 507 uses the serial number to locate the public key for DHCT 333 in
public key database 2421 and provides the public key to TED 2425(i) together with
encrypted envelope key 2103, CA FPM message 2105, and FPM signed authentication
2107 from the FPM. FPM code 2540 then:

(1) uses EA public key 2511 and RSA encryption/decryption code 2535 to decrypt
FPM encrypted envelope key 2103;

(2) uses 3DES code 2531 and the decrypted envelope key to decrypt FPM encrypted
events 2113;

(3) uses RSA encryption/decryption code 2535 and the public key for DHCT 333 to
decrypt FPM authentication 2107;

(4) uses the decrypted encrypted events with MD5 code 2529 to produce a new hash
which it compares with the decrypted value of FPM authentication 2107. If this
comparison indicates that the FPM is authentic, TED 2425(i) returns the decrypted events
to DNCS 507, which in turn forwards them to EA 2409(i).



The MSKs in MSKE 2515 are generated by TED 2425(i). The interface for MSK
generation simply requires the MSKID for the new MSK, the parity for the new MSK,
and any expiration time. MSK generation code 2525 receives a random number from
random number generator 2537 and uses it to generate the new MSK. Then the MSKE
2515 for the new MSK is made and added to EA information 2507. If there is already an
MSKE 2515 for the MSKID for the new MSK, the new MSKE replaces the existing
MSKE. TED 2425(i) also generates interactive session keys for the add interactive
session EMM. Key generation is as described for the MSK EMM. Once TED 2425(i)
has provided the EMM content with the encrypted key to DNCS 507, it overwrites the
area in memory 2505 where the interactive session key was stored.

CAA TEDs 2427 have the same hardware as EA TEDs, but in the preferred embodiment,
they only encrypt the CAA EMMs used to establish an entitlement agent in a DHCT 333.
EMM encryption is done exactly as described for EA TEDs. The only keys required for
encrypting and authenticating CAA TEDs are the DHCT 333's public key and the CAA's
private key. They therefore need only store one of the three public-private key pairs that
represent the CAA. The CAA public-private key pair is generated elsewhere. The private
key is encrypted using a pass phrase that is provided to CAA TED 2405 along with the
key pair. CAA TED then decrypts the private key and stores the decrypted private key,
but not the pass phrase, in memory 2505. The encrypted private key, but not the pass
phrase, is stored in encrypted entity information 2419.

The foregoing has disclosed how conditional access system 601 uses the conditional
access authority, the entitlement agents, and transaction encryption device
603 to provide security for its own operations and for the keys and entitlement
information required to decrypt an instance of a service. Another function of conditional
access system 601 is that of ensuring secure data downloads for applications executing on
DHCT 333. There are two paths by which data may be downloaded: (1) in an MPEG-2
stream via the high bandwidth path running from SEES 619 via transport network 517 to
HFC network 521 to DHCT 333, and (2) in IP packets via the lower bandwidth path
running from control suite 607 via LAN interconnect device 617 and QPSK modulator
621 to HFC network 521 and DHCT 333.

As with the data used in conditional access system 601, there are two aspects to the
problem: security and authentication. Security may be attained by encrypting the data. In
the case of data delivered by the high bandwidth path, encryption may be either by DES
using an MSK when the data is intended for all DHCTs 333 having a given entitlement
agent or by means of the public key for the DHCT when the data is intended for a specific
DHCT 333. In the case of data delivered via the lower bandwidth path, the data is
addressed to the IP address of a specific DHCT 333 and may be encoded with the public
key of the DHCT 333. In the case of encryption with a MSK, the MSK is provided by
transaction encryption device 603, and, in the case of encryption with the public key of
the DHCT 333, transaction encryption device 603 can provide the key or do the
encryption itself. DHCTSE 627 contains the keys needed to do the necessary decryption
in DHCT 333.

The authenticating entities in conditional access system 601 comprise the conditional
access authority and the entitlement agents. Authentication of downloaded data is done in
the same fashion as in EMMs, namely, by using a one-way hash function to make a digest
of the downloaded data and then encrypting the digest with the private key of the
authenticating entity to make a sealed digest. In the preferred embodiment, the sealed
digest is made in transaction encryption device 603. When the downloaded data arrives
in DHCT 333, DHCTSE 627 uses the public key of the authenticating entity to decrypt
the sealed digest and then hashes the downloaded
data. If the downloaded data is authentic and has not been corrupted in transit, the
decrypted sealed digest and the result of hashing the data in the one-way hash function
will be equal. It should be noted at this point that the authentication is done not by the
originator of the data, but rather by a CAA or EA that is known to the digital broadband
delivery system. Moreover, because the CAA or EA is already known to DHCT 333,
downloading of authenticated data to DHCT 333 can occur without intervention of the
user of DHCT 333.

There are many ways of relating the authentication to the data being authenticated. One
way is to use a GBAM as described above with regard to FIG. 20. In such a case, the
GBAM payload 2003 would be the digest for the data being downloaded and entitlement
agent 2005 would encrypt the digest with its private key as well as making a digest using
payload 2003 and a MSK. Another way is to simply send a message via the MPEG-2
transport stream or using an IP packet that contained an authentication portion as well as
the data.

One kind of data that can be downloaded using the above techniques is code to be
executed by the general purpose processor in DHCT 333. The memory used by the
processor includes a portion which is flash memory. That is, the memory cannot be
written to like ordinary writable memory, but can be rewritten only as a whole. Such
memory is typically used to hold downloadable code. FIG. 23 shows a message
containing downloadable code. Code message 2301 has two parts: authentication part
2303 and code part 2305. Code part 2305 contains encrypted or unencrypted code, as the
situation requires. Authentication part 2303 contains at least two items of information:
authenticator identifier (AID) 2307 and sealed digest 2309. Authenticator identifier 2307
is the CAAID or EAID for the conditional access authority or entitlement agent that is
authenticating code 2305; sealed digest 2309 is made by hashing code 2305 in a one-way
hash function to make a digest and then encrypting the digest with the private key of the
CAA or EA that is authenticating the code. SD 2309 is produced in a preferred
environment by a transaction encryption device 605.

Code message 2301 can be sent either in a MPEG-2 transport stream or as an IP packet.
Message 2301 may be broadcast to any DHCT 333 that has the authenticating CAA or
EA, or it may be sent to a specific DHCT 333. In that case, the packet(s) carrying code
message 2301 will include an address for DHCT 333. In the preferred embodiment, the
address is DHCT 333's serial number. When code message 2301 arrives in the DHCT
333 for which it is intended, code executing on the processor performs the one-way hash
function on code 2305 and provides the result together with AID 2307 and sealed digest
2309 to DHCTSE 627. DHCTSE 627 uses AID 2307 to locate the public key for the
CAA or EA and then uses the public key to decrypt sealed digest 2309. Finally, it
compares the hash value in decrypted sealed digest 2309 with that provided by the code
executing on the processor, and, if they are equal, DHCTSE 627 signals that the code has
been authenticated.

Public key Hierarchy (FIG. 28)

The various elements of the system described herein collectively implement a public key
hierarchy 2801 within the network. This is advantageous because such a hierarchy can be
used to establish the "trust chains" that support scaleable and spontaneous commercial
interaction between DHCTs 333 and other networks that employ public key-based
security, such as the Internet. It can also be used to establish trust in user commercial
interactions with the DBDS.

FIG. 28 shows the hierarchy of public key certification in the DBDS. There are two
independent "trust chains" shown. On the left hand side is the "DHCT chain", which
establishes the validity of the public keys associated with DHCTs 333 and enables trusted
use of digital signatures made by the DHCT 333. On the right hand side is the "Operator
chain", which establishes the validity of public keys associated with the network operators
and the subtending EAs within each system and enables trusted use of signatures of these
entities.

The DHCT signature 2806 may be used as described elsewhere herein to authenticate
messages sent from the DHCT 333. However, for recipients to be able to trust such
DHCT signatures as authentic, they must know with certainty that the public key claimed
to be associated with DHCT 333 is in fact the true key which matches with the DHCT's
private key. This is accomplished by certifying the DHCT certificate 2806 with the
factory programmer certificate authority (FPCA) signature. The FPCA signature can be
trusted because reference can be made to FPCA certificate 2805. The DHCT certificates
2806 and the FPCA signature as well as the FPCA certificate 2805 are preferably made at
the manufacture time of DHCT 333 in a secure way. Since it may be necessary over time
to issue new FPCA certificates and use new FPCA signatures, each FPCA certificate is
also certified with a signature of the DHCT Root which may have its own certificate
2804. Said DHCT root certificate 2804 may either be self-signed or may be certified by
another authority. DHCT root signature is preferably administered in a highly
tamper-resistant device, such as one that meets the requirements of FIPS 140-1 Level 3
certification.

In the operator chain, the various EA certificates 2803 are used to make signatures in the
manner described elsewhere herein. Likewise, the Operator CAA signature using the
Operator CAA certificate 2802 is used to certify each EA signature as described
previously herein. Above the operator CAA signature, two Root CAA signatures are
used to introduce an operator CAA 2802 to a DHCT 333 in a secure way. In fact,
preferably at manufacture time, there are three Root CAA public keys placed into the
secure NVM of the DHCT 333. Then, authentic messages from any two of the Root
CAAs may be used to replace the third Root CAA public key with that of the Operator
CAA whose key is certified in Operator CAA certificates 2802. The Root CAA is
preferably administered by the manufacturer in a tamper-resistant device that meets or
exceeds the requirements of FIPS 140-1 Level 3 certification. It is possible, however,
through an appropriate sequence of messages, to change all of the Root CAA public keys
to be those of other CAAs that the manufacturer has no control over. It is thus possible to
remove the manufacturer from the signature chain. In this case, the Root CAA can be
some other organization [illegible] operators or it may be administered by
an operator.

As shown in FIG. 28 and described elsewhere herein, each operator may have a plurality
of EAs. In a preferred embodiment, there is a different EA and an associated EA
certificate 2803 for every operating site of any given operator. This ensures that DHCTs
cannot be migrated between operational sites without the knowledge and participation of
the operator CAA signature 2802.

The geo-political CA certificate 2807 shown in FIG. 28 is not required to operate the
normal conditional access and electronic activities of the operator. However, the operator
may link its signature chain into a larger chain to be able to participate or have
DHCTs 333 participate in transactions involving [illegible].
In this case, the signature chains may be readily linked to those of the geo-political CA and
its signature 2807 by having the public keys of one or all of the DHCT root signature
2804, the Root CAA signature 2808 or operator CAA signatures 2802 certified by the
geo-political CA signature. This is accomplished by having a certificate placed in a
database for each of the public keys associated with signatures 2804, 2808 and 2802.
Said certificate is signed with the private key of the geo-political CA 2807.

FIG. 29 shows an EMM generator 2901. As described elsewhere herein, it is preferred
that DHCTs 333 that are operated by different operators in different DBDS instances are
controlled by an operator CAA that is specific to that operator and system. Since DHCTs
333 at manufacture time are not configured to be controlled by any operator CAA, but
instead are controlled by three Root CAAs the public keys of which are placed in the
memory of the secure processor during manufacture, they must be reconfigured for
control by different operators. This must be done securely. As described elsewhere
herein, messages bearing the digital signatures of two of the Root CAAs can be used to
reconfigure the terminal with respect to the third CAA. The EMM generator 2901 is used
to produce one of the two messages needed to introduce a new Operator CAA public key
in a certified way to the DHCT 333. [illegible]
DHCTs that will be controlled by a specific operator may be placed in a separate file in
the input device or may be associated with an operator in other ways clear to those skilled
in the art.



Prior to generating introductory EMMs 2903, certified public keys of the various
operators served by the EMM Generator 2901 are loaded into the public key memory
2904 of the EMM Generator 2901. Thus, when EMM generator 2901 reads input of
DHCTs needed to be introduced to Operator A, the EMM generator uses the public key of
Operator A read from memory 2904 to produce EMMs containing the public key of
Operator A. Likewise, prior to generating introductory EMMs 2903, the private keys of
the Root CAAs must be loaded into the private key memory 2905 of the EMM generator
2901. Said EMMs are digitally signed by the EMM Generator 2901 using the private
keys of the Root CAAs contained in memory 2905. Since private signing keys are
contained in memory 2905 of EMM Generator 2901, the EMM Generator 2901 must be
implemented in a secure fashion that prevents discovery of the values of the Root CAA
private keys stored in memory 2905. EMM Generator 2901 should thus be implemented
in a tamper-resistant device which meets the requirements of FIPS 140-1 Level 3 or
higher.

Since two Root CAA private keys must be used to sign separate CAA Introductory
EMMs 2903, there are preferably two EMM Generators 2901 implemented, one each for
each of the two Root CAA private keys. It is also preferred that EMM generators 2901
are operated in separate physical facilities.
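The two-of-three rule for replacing a Root CAA public key, built on the same sealed-digest check described earlier for EMMs and code messages, can be sketched as follows. This is an added example, not code from the patent: the message body layout in `encode`, the slot numbering, and the `SecureElement` class are assumptions, and the keys are constructed toy values (textbook RSA without padding over Mersenne primes, which are trivially factorable).

```python
import hashlib

E = 65537
# Constructed toy primes (Mersenne primes 2**k - 1); for demonstration only.
M = {k: 2**k - 1 for k in (521, 607, 1279, 2203, 2281, 3217, 4253, 4423)}


def keypair(p, q):
    """Textbook RSA: return (public, private), each a (modulus, exponent) pair."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))


def digest(data: bytes) -> int:
    """One-way hash of the message body (MD5, as in the document), as an integer."""
    return int.from_bytes(hashlib.md5(data).digest(), "big")


def seal(private, data: bytes) -> int:
    """Sealed digest: the digest of data encrypted with a private key."""
    n, d = private
    return pow(digest(data), d, n)


def is_authentic(public, data: bytes, sealed: int) -> bool:
    """Decrypt the sealed digest with the public key and compare with a fresh hash."""
    n, e = public
    return 0 <= sealed < n and pow(sealed, e, n) == digest(data)


def encode(target_slot: int, new_key) -> bytes:
    """Hypothetical message body: the root slot to replace and the new public key."""
    n, e = new_key
    return f"replace-root:{target_slot}:{n:x}:{e:x}".encode()


class SecureElement:
    """Holds three Root CAA public keys; two of them together may replace the third."""

    def __init__(self, root_publics):
        if len(root_publics) != 3:
            raise ValueError("exactly three Root CAA public keys are required")
        self.roots = list(root_publics)
        self.pending = {}  # (target_slot, new_key) -> set of slots that endorsed it

    def introduce(self, signer_slot, target_slot, new_key, sealed) -> bool:
        """Process one introductory message; True only when the slot is replaced."""
        if signer_slot not in range(3) or target_slot not in range(3):
            return False
        if signer_slot == target_slot:
            return False  # a key cannot vote on its own replacement
        body = encode(target_slot, new_key)
        if not is_authentic(self.roots[signer_slot], body, sealed):
            return False
        endorsers = self.pending.setdefault((target_slot, new_key), set())
        endorsers.add(signer_slot)  # a replayed message adds nothing new
        if len(endorsers) < 2:
            return False
        self.roots[target_slot] = new_key
        self.pending.clear()  # the key set changed; drop stale endorsements
        return True


def demo():
    roots = [keypair(M[521], M[607]), keypair(M[1279], M[2203]),
             keypair(M[2281], M[3217])]
    operator_pub, operator_priv = keypair(M[4253], M[4423])
    se = SecureElement([pub for pub, _ in roots])
    body = encode(2, operator_pub)
    first = se.introduce(0, 2, operator_pub, seal(roots[0][1], body))
    replay = se.introduce(0, 2, operator_pub, seal(roots[0][1], body))
    forged = se.introduce(1, 2, operator_pub, seal(operator_priv, body))
    second = se.introduce(1, 2, operator_pub, seal(roots[1][1], body))
    return first, replay, forged, second, se.roots[2] == operator_pub


if __name__ == "__main__":
    print(demo())
```

A single Root CAA message, even replayed, leaves the slot unchanged; only a second message sealed by the other remaining root completes the replacement, which is why running the two EMM generators in separate facilities matters.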

The Detailed Description of a Preferred Embodiment set forth above is to be regarded as
exemplary and not restrictive, and the breadth of the invention disclosed herein is to be
determined from the claims as interpreted with the full breadth permitted by the patent
laws.

What is claimed is:



1. A secure element for use in a receiver that receives messages addressed to the
receiver, the messages having an encrypted content and being sent on behalf of an entity
that determines whether the receiver has access to instances of services received in the
receiver, the secure element comprising:

non-volatile memory wherein is stored a public key-private key pair for the
receiver and a public key for the entity;

processing apparatus coupled to the non-volatile memory, the processing
apparatus including apparatus for decrypting and authenticating the messages and for
decrypting and authenticating receiving the message content and using the private key for
the receiver to decrypt the message content and the public key for the entity to determine
whether the message content is authentic, the processing apparatus not responding to the
message content unless the message is authentic.

2. The secure element of claim 1, wherein:

the entity is a conditional access authority that authorizes an entitlement agent to
grant an entitlement to the receiver to access at least one of the instances;

the message is a first message whose content includes a specifier for the
entitlement agent which is being authorized; and

when the message is authentic, the processing apparatus responds to the message
by storing the specifier in the non-volatile memory.

3. The secure element of claim 3, wherein:

the message is a second message whose content includes a public key for the
entitlement agent; and

when the message is authentic, the processing apparatus responds to the second
message by storing the public key for the entitlement agent in the non-volatile memory.

4. The secure element of claim 2, wherein:

the message is a third message having content that includes limitations on the
number and/or kinds of entitlements granted by the entitlement agent; and

when the message is authentic, the processing apparatus responds to the third
message by storing the limitations in the non-volatile memory.

5. The secure element of claim 2, wherein:

the non-volatile memory is divided into cells;

the message is a fourth message whose content specifies a number of cells; and

when the message is authentic, the processing apparatus responds thereto by
allocating the specific number of cells to the entitlement agent.

6. The secure element of claim 5, wherein:

the content of the fourth message further specifies n[illegible] for the cells specified
therein; and

when the message is authentic, the processing apparatus responds thereto by
allocating the specified number of cells to the entitlement agent by n[illegible]

7. The secure element of claim 5, wherein:

when the content of the fourth message is authentic and specifies no cells, the
processing apparatus responds thereto by deallocating all cells belonging to the
entitlement agent and removing the entitlement agent's specifier from the non-volatile
memory.

8. The secure element of claim [illegible], wherein:

the message is a fifth message whose content specifies removal of the entitlement
agent from [illegible];

when the content of the fifth message is authentic, the processing apparatus
responds thereto by removing the entitlement agent's specifier from the non-volatile
memory.

9. The secure element of claim 3, wherein:

the entity is the entitlement agent;

the message is a sixth message that specifies the entitlement agent and whose
content controls access to services received in the receiver on behalf of the entitlement
agent.



10. The secure element of claim 1, wherein:

the entity is an entitlement agent that grants an entitlement to the receiver to
access at least one of the instances; and

the message is a seventh message which specifies the entitlement agent and whose
content controls access to services received in the receiver on behalf of the entitlement
agent.

11. The secure element of claim 10, wherein:

the instance of the service is encrypted;

the content [illegible]
decrypting the instance of the service; and

when the message is authentic, the processing responds to the message by storing
the long-term key in association with the entitlement agent.



12. The secure element of claim 11, wherein:

the receiver further receives a global broadcast message that is sent on behalf of
the entitlement agent but not addressed to any particular receiver;

the global broadcast message includes a global broadcast message content and a
digest made from the global broadcast message content and the long-term key; and

the apparatus for decrypting and authenticating authenticates the global broadcast
message by making a new digest from the contents and the long-term key stored in the
secure element and comparing the new digest with the digest.

13. The secure element of claim 11, wherein:

the receiver further receives a global broadcast message together with the
encrypted instance of the service, the global broadcast message including an entitlement
agent specifier for the entitlement agent and an encrypted short-term key derivation value
from which a short-term key for decrypting the encrypted instance may be derived;

the receiver provides the entitlement agent specifier agent and the short-term key
derivation value to the secure element; and

the processing apparatus responds thereto by using the entitlement agent specifier
to locate the long-term key associated with the entitlement agent and using the long-term
key with the apparatus for decrypting and authenticating to decrypt the short-term key
derivation value, deriving the short-term key therefrom, and providing the short-term key
to the receiver.

14. The secure element of claim 13, wherein:

the global broadcast message further includes an authentication value for
authenticating the global broadcast message;

the receiver further provides the authentication value to the secure element; and

the processing responds thereto by using the authentication value with the apparatus for
decrypting and authenticating to authenticate the global broadcast message.

15. The secure element of claim 13, wherein:

the authentication value is a digest made from the contents and the long-term key;
and

the apparatus for decrypting and authenticating authenticates the global broadcast
message by making a new digest from the contents and the long-term key stored in the
secure element and comparing the new digest with the digest.
16. The secure element of claim 10, wherein:

the seventh message further contains an entitlement identifier that identifies an
entitlement to an instance of a service provided by the entitlement agent; and

when the message is authentic, the processing apparatus responds to the message
by storing the entitlement identifier in the memory in association with the entitlement
agent.

17. The secure element of claim 16, wherein:

the seventh message further contains entitlement information that further describes
the entitlement; and

when the message is authentic, the processing apparatus responds to the message
by storing the entitlement information in the memory in association with the entitlement
agent.

18. The secure element of claim 17, wherein:

the entitlement information further contains information indicating that the
entitlement is to be deleted; and

when the message is authentic, the processing apparatus responds to the message
by deleting the entitlement information from the memory.

19. The secure element of claim 17, wherein:

the receiver further receives a global broadcast message together with the instance
of the service, the global broadcast message including an entitlement agent specifier for
the entitlement agent and an entitlement identifier;

the receiver provides the entitlement agent specifier agent and entitlement
identifier to the secure element; and

the processing apparatus responds thereto by using the entitlement agent specifier
to locate the entitlement identifier in the memory, the processing apparatus enabling
access to the instance only if there is an entitlement identifier associated with the
entitlement agent specifier that matches the entitlement identifier in the global broadcast
message.




20. The secure element of claim 1^^^ 

the instance is encrypted with a short-term key;

the memory contains a long-term key that is associated with the entitlement agent
and with a long-term key identifier;

the global broadcast message further includes a key identifier and an encrypted
short-term key derivation value;

the receiver further provides the key identifier and the short-term key derivation
value to the secure element; and

the processing apparatus further responds thereto by using the entitlement agent
specifier and the long-term key identifier to locate the long-term key, using the long-term
key and the short-term key derivation value with the apparatus for decrypting and
authenticating to obtain the short-term key, the processing apparatus providing the key to
the receiver only if the entitlement identifier in the global broadcast message matches the
entitlement identifier associated with the entitlement agent in the memory.



21. The secure element of claim 1, wherein:

the message includes a digest of the unencrypted message content that has been
encrypted with the private key corresponding to the public key for the entity;

the apparatus for decrypting and authenticating includes digest making apparatus;

the apparatus for decrypting and authenticating determines whether the message is
authentic by decrypting the digest in the message and making a new digest from the
decrypted message content, the message content being authentic only if the digest and the
new digest are the same.



22. A secure element for use in a receiver that receives a global broadcast message
sent on behalf of an entitlement agent, the global broadcast message including
authentication information produced using a secret shared between the entitlement agent
and the receiver, the secure element comprising:

non-volatile memory wherein is stored the shared secret; and

processing apparatus coupled to the non-volatile memory, the processing
apparatus including authentication apparatus for authenticating the message, wherein the
processing apparatus receives the authentication information, uses the authentication
apparatus and the authentication information to authenticate the message, and provides an
indication of validity of the global broadcast message to the receiver only if the message
is authentic.



23. The secure element of claim 22, wherein:

there are a plurality of the entitlement agents;

the global broadcast message further includes a specifier for the entitlement agent
of the plurality on whose behalf the message is being sent;

there is further stored in the non-volatile memory at least one stored specifier for at
least one of the plurality of entitlement agents; and

the processing apparatus further receives the specifier for the entitlement agent
from the global broadcast message and provides the indication of validity only if the
specifier for the entitlement agent matches the stored specifier.

24. The secure element of claim 23, wherein:

the receiver receives an instance of a service on behalf of an entitlement agent of
the plurality thereof;

the global broadcast message is a first global broadcast message that accompanies
the instance and further includes an entitlement identifier indicating entitlement to the
instance;

there is further stored in the non-volatile memory at least one stored entitlement
identifier for at least one of a plurality of instances of a service; and

the processing apparatus further receives the entitlement identifier from the first
global broadcast message and provides the indication of validity only if the entitlement
identifier matches the stored entitlement identifier.

25. The secure element of claim 24, wherein:

the instance of the service is encrypted using a short-term key;

the first global broadcast message further includes a key derivation value;

there is further stored in the non-volatile memory a long-term key associated with
the entitlement agent;

the processing apparatus further receives the key derivation value, uses the long-term
key together with the key derivation value to obtain the short-term key and provides
the short-term key to the receiver to use in decrypting the instance of the service if the
global broadcast message is valid.

26. ^ The secure element of ^:lkm^^ * ^ 

there are a plurality of long-term keys associated with the entitlement agent and
stored in the non-volatile memory, each of the long-term keys being associated with a
stored key identifier that is stored in the non-volatile memory;

the first global broadcast message further includes a key identifier identifying a
long-term key; and

the processing apparatus further receives the key identifier and uses the long-term
key associated with a stored key identifier that matches the key identifier to obtain the
short-term key.

27. The secure element of claim 25, wherein:

the key derivation value has been encrypted using the long-term key;

the processing apparatus further includes decryption apparatus; and

the processing apparatus uses the long-term key and the decryption apparatus to
decrypt the key derivation value.

28. The secure element of claim 25, wherein:

the shared secret is the long-term key;

the authentication information is a digest made using contents of the first global
broadcast message and the shared secret; and

the authentication apparatus authenticates the message by making a new digest
using the contents and the long-term key and comparing the new digest with the digest.
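
Added example, not part of the patent text: a sketch of the secure-element checks recited in claims 22 to 28, in the order authenticate, check entitlement, then release the short-term key. HMAC-SHA256 as the keyed digest, the XOR pad standing in for the decryption apparatus, the nonce field, the byte layout and the key derivation step are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, field

def keyed_digest(ltk: bytes, contents: bytes) -> bytes:
    # Claim 28: digest made from the message contents and the long-term key.
    # HMAC-SHA256 is an assumption; the claims name no hash construction.
    return hmac.new(ltk, contents, hashlib.sha256).digest()

def kdv_cipher(ltk: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy stand-in for the claim 27 decryption apparatus (XOR with a keyed
    # pad, so the same call encrypts and decrypts). Illustration only.
    if len(data) > 32:
        raise ValueError("key derivation value too long for this toy cipher")
    pad = hmac.new(ltk, b"kdv" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

def derive_short_term_key(kdv: bytes) -> bytes:
    # Assumption: the claims do not say how the key is derived from the value.
    return hashlib.sha256(b"stk" + kdv).digest()[:16]

@dataclass
class AgentRecord:                 # per-agent state in non-volatile memory
    long_term_keys: dict           # key identifier -> long-term key (claim 26)
    entitlements: set = field(default_factory=set)   # claim 24

@dataclass
class Broadcast:
    agent: int          # entitlement agent specifier (claim 23)
    key_id: int         # long-term key identifier (claim 26)
    entitlement: int    # entitlement identifier (claim 24)
    nonce: bytes        # assumption: 8-byte per-message value, not in the claims
    enc_kdv: bytes      # encrypted key derivation value (claims 25, 27)
    digest: bytes = b""  # authentication information (claims 22, 28)

    def contents(self) -> bytes:
        head = struct.pack(">HHI", self.agent, self.key_id, self.entitlement)
        return head + self.nonce + self.enc_kdv

def build_broadcast(ltk, agent, key_id, entitlement, nonce, kdv) -> Broadcast:
    # Sender side, used here only to construct sample input.
    msg = Broadcast(agent, key_id, entitlement, nonce, kdv_cipher(ltk, nonce, kdv))
    msg.digest = keyed_digest(ltk, msg.contents())
    return msg

class SecureElement:
    def __init__(self, nvm: dict):
        self._nvm = nvm            # agent specifier -> AgentRecord

    def process(self, msg: Broadcast):
        """Return the short-term key, or None if any check fails."""
        rec = self._nvm.get(msg.agent)
        ltk = rec.long_term_keys.get(msg.key_id) if rec else None
        if ltk is None:
            return None            # unknown agent specifier or key identifier
        expected = keyed_digest(ltk, msg.contents())
        if not hmac.compare_digest(expected, msg.digest):
            return None            # not authentic: release nothing
        if msg.entitlement not in rec.entitlements:
            return None            # authentic, but receiver is not entitled
        return derive_short_term_key(kdv_cipher(ltk, msg.nonce, msg.enc_kdv))
```

The digest comparison uses a constant-time compare, and the key derivation value is only decrypted after both the authenticity and the entitlement checks pass.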

29.

the global broadcast message is a second global broadcast message that
accompanies the instance and further includes a purchasable entitlement identifier that
identifies an entitlement to the instance which a user of the receiver may purchase;

the receiver responds to the second global broadcast message by interacting with
the user to indicate purchasability of the instance and to an indication of purchasability
from the user by providing the purchasable entitlement identifier to the secure element;
and

the processing apparatus responds thereto by storing the purchasable entitlement
identifier in the memory in association with the entitlement agent, the processing
apparatus further using the purchasable entitlement identifier in the same fashion as the
entitlement identifier to determine validity of the first global broadcast message.

30. The secure element of claim 29, wherein:

the receiver further sends a message addressed to the entitlement agent;

the message has contents that include at least an encryption of the purchasable
entitlement identifier, a key for decrypting the encryption, and an encrypted digest of the
contents;

the memory further includes a public key for the entitlement agent and private key
for the receiver;

the processing apparatus further includes encryption apparatus; and

the processing apparatus receives the conjepts^^Iiro^^^^ a^further.key for 
decrypting the encryption, uses the encryption and the further key to encrypt the
encryption, uses the public key for the entitlement agent and the encryption apparatus to
encrypt the further key, makes the digest of the contents, and uses the private key and the
encryption apparatus to encrypt the digest.

31. A secure element for use in a receiver that has access to instances of services as
determined by an entitlement agent, the receiver sending messages to the entitlement
agent and the secure element comprising:

non-volatile memory wherein is stored a public key-private key pair for the
receiver and a public key for the entitlement agent;

processing apparatus coupled to the non-volatile memory, the processing
apparatus including apparatus for encrypting, the apparatus for encrypting responding to
content of a given message by making a digest of the content and encrypting the digest
using the private key for the receiver, encrypting the content with a further key,
encrypting the further key with a public key for the entitlement agent, and returning the
encrypted content, the encrypted digest, and the encrypted further key to the receiver for
inclusion in the message.

32. The secure element of claim 31, wherein:

the secure element is implemented in a module which is separate from the
remainder of the receiver and is consumer-installable in the receiver.



33. A service origination component included in a cable television system for securely
transmitting to a service reception component, the service origination component
comprising:

a transaction encryption device for storing a private key for an entitlement agent
that is included in the cable television system for transmitting instances of service to the
service reception component; and

a controller securely linked to the transaction encryption device for encrypting
information using the private key for subsequent transmission to the service reception
component.

34. The service origination component of claim 33, wherein the service origination
component comprises cable television head end equipment.

35. The service origination component of claim 33, further comprising:

a processor coupled to the transaction encryption device for processing data using
a secure hash function to generate the information.



36. The service origination component of claim 33, further comprising:

the entitlement agent coupled to the controller for generating an instance of
service;

a random number generator for generating a multi-session key (MSK);

a processor coupled to the random number generator and the controller for hashing
the instance of service and the MSK in a secure one-way hash to generate a digest that is
included as a part of the information.
37. The service origination component of claim 36, further comprising:

an encryptor coupled to the controller for further encrypting the information using
a public key associated with the service reception component prior to transmission of the
information.

38. The service origination component of claim 36, further comprising:

a message generator coupled to the processor for generating an entitlement
management message including the digest, wherein the entitlement management message
is encrypted by the processor using the private key to generate the information that is
transmitted to the service reception component.

39. The service origination component of claim 38, wherein the entitlement
management message is further encrypted using a public key of the service reception
component. 

4(). ^ The. service origin^tipn^^^^ - oh- 

conditional access authority establishment apparatus for establishing a conditional
access authority. 



41. The service origination component of claim 40, wherein:

the transaction encryption device further stores a private key of the conditional 
access authority. 



42. The service origination component of claim 41, further comprising:

a message generator for generating a message comprising a public key of the
entitlement agent;

an encryptor coupled to the message generator for encrypting the message using
the private key of the conditional access authority; and

a transmitter coupled to the encryptor for transmitting the message to the service
reception component that is intended to receive the instances of service from the
entitlement agent.
43. A cable television system for providing secure transmissions, the cable television
system comprising:

an entitlement agent for generating
a service origination component
a transaction encryption device for storing a private key for the entitlement
agent; and

a controller securely linked to the transaction encryption device for encrypting
information using the private key for subsequent transmission; and

a service reception component for receiving the information and for decrypting the
information using a public key of the entitlement agent.

44. The cable television system of claim 43, wherein the service origination component
comprises cable television head end equipment.

45. The cable television system of claim 43, further comprising a transmission medium
coupled between the service origination component and the service reception component.

46. The cable television system of claim 43, wherein the service reception component 
comprises a cable television set top terminal. 

47. The cable television system of claim 43, wherein the service origination component
further comprises:

a random number generator for generating a multi-session key (MSK);

a processor coupled to the random number generator and the controller for hashing
an instance of service and the MSK in a secure one-way hash to generate a digest that is
included as a part of the information.

48. The cable television system of claim 47, wherein the service origination component
further comprises:

a message generator coupled to the processor for generating an entitlement
management message including the digest, wherein the entitlement management message
is encrypted by the processor using the private key to generate the information that is
transmitted to the service reception component.

49. The cable television system of plaii|i >yhereip the entitlement; manager^ent 
message including the digest is further encrypted using a public key of the service
reception component.

50. The cable television system of claim 43, further comprising:

conditional access authority establishment apparatus, for establishing a conditional
access authority.






of the service origination component further stores a private key of the conditional access 
authority.

52. The cable television system of claim 51, wherein the service origination component
further comprises:

a message generator for generating a message comprising a public key of the
entitlement agent;

an encryptor coupled to the message generator for encrypting the message using the
private key of the conditional access authority and a public key of the service reception
component; and

a transmitter coupled to the encryptor for transmitting the message to the service 
reception component that is intended to receive the instances of service from the 
entitlement agent. 